Unpatched Flaws in Popular GPS Devices Allow Adversaries to Disrupt and Track Vehicles
BitSight described six ‘severe’ vulnerabilities in the MiCODUS MV720 GPS tracker
Stay updated on GPS security threats and advancements. Explore the latest news and insights in the GPS infosec field. Protect your tracking tech today.
Search across headline titles and summaries.
Background for this topic.
GPS (Global Positioning System) is a satellite-based navigation and timing service. A receiver calculates its position and precise time from signals broadcast by satellites; it usually does not authenticate those signals before using them. GPS is one component of the broader family of global navigation satellite systems (GNSS), although “GPS” is often used informally for satellite navigation generally.
Its main security concerns are spoofing and jamming. Spoofing transmits counterfeit signals that can make a receiver report a false location or time; jamming overwhelms the weak satellite signals and causes loss of service. These attacks can disrupt navigation, geofencing, surveying, or systems that depend on GPS timing, but their effect depends on receiver design and signal exposure. Defenses include authenticated signals where available, interference monitoring, plausibility checks, and independent sources such as inertial sensors or terrestrial timing. GPS-enabled phones, vehicles, and tracking systems also create privacy risks because stored location histories can reveal movements and routines; access controls, retention limits, and transparent collection practices are relevant safeguards.
BitSight described six ‘severe’ vulnerabilities in the MiCODUS MV720 GPS tracker