Updating to VRT 1.7

We recently released VRT v1.7, with a platform integration planned for the week of March 25th. The release includes but is not limited to the listed updates. For more information, see VRT 1.7 with New Automotive Security Misconfiguration .

  • Automative Security Misconfiguration category

  • Sensitive Data Exposure > Weak Password Reset Implementation > Token Leakage via Host Header Poisoning as a new P2 variant, which is consistent with how this issue has been triaged by Bugcrowd’s Application Security Engineers so far.

  • Two new P4’s related to 2FA Secret Management

  • Improved
  • Remediation Advice links to latest OWASP Documentation