Mercedes-Benz “smart car” source code leaked – expert commentary

By   Information Security Buzz Editorial Staff
Chief Editor , Information Security Buzz | May 18, 2020 11:30 pm PST

A security researcher discovered a misconfiguration in a Git web portal belonging to Daimler AG, the German automotive company behind the Mercedes-Benz brand. The researcher was able to access, download and leak over 580 Git repositories containing the source code for “smart car” components installed in Mercedes vans. The leaked projects also included Raspberry Pi images, server images, internal Daimler components for managing remote OLUs, internal documentation, code samples, and passwords and API tokens to Daimler’s systems.