Zero Day Initiative - Reviewing the Attack Surface of the Autel MaxiCharger: Part Two
Briefly

The Autel MaxiCharger presents a vast attack surface for potential security vulnerabilities, largely because of the extensive feature set of its two mobile applications.
Upon reverse engineering, we found that the Autel Charge app employs anti-reversing measures, indicating a heightened focus on security for user interactions.
The Autel Config app is distinctly separate from the Charge app, suggesting that authorized personnel have a different access path, hinting at strict user management.
The functionality of the Autel Charge app includes compelling features like charging schedules and firmware updates, but the unexpected superuser request poses potential risks.
Read at Zero Day Initiative