![]() Why customer support? Because Honda doesn’t have a security department to submit such an issue to. ![]() The researcher contacted Honda customer support weeks ago, and hasn’t received a reply yet. If you have one of the models affected, that’s bad news, because Honda probably won’t respond anyway. Thus, it requires some eavesdropping on previous keyfob-car communication, but this should be easy to set up with a cheap SDR and an SBC of your choice. The hack appears to replay a series of previously valid codes that resets the internal PRNG counter to an older state, allowing the attacker to reuse the known prior keys. , who discovered the same flaw independently, goes into more technical detail. ![]() goes in depth on the implications of the attack but doesn’t publish many details. This vulnerability has been assigned the CVE-2021-46145. We simply don’t know yet if it affects other vendors, but in principle it could. ![]() So far it’s only been proven on Hondas, but ten out of ten models that tested were vulnerable, leading him to conclude that all Honda vehicles on the market can probably be opened in this way. Honda cars have been found to be severely vulnerable to a newly published Rolling PWN attack, letting you remotely open the car doors or even start the engine.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |