Vulnerabilities in a popular GPS tracker made in China and used around the world could allow hackers to disrupt vehicles, cut off their fuel and surveil drivers’ movements, according to new research.

Boston-based BitSight Technologies said its discovery of several “severe” vulnerabilities in the Micodus MV720 tracker affects consumers, private companies and government agencies alike – placing them at a “high risk” of personal injury, vehicle disablement and supply-chain disruption. Researchers believe 1.5 million Micodus devices are in use in more than 160 countries.