Honda’s Keyless Entry Bug May Let Thieves Remotely Unlock and Begin Automobiles

A duo of researchers has launched a proof-of-concept (PoC) demonstrating the power for a malicious actor to distant lock, unlock, and even begin Honda and Acura automobiles by way of what’s referred to as a replay assault.

The assault is made potential, because of a vulnerability in its distant keyless system (CVE-2022-27254) that impacts Honda Civic LX, EX, EX-L, Touring, Si, and Sort R fashions manufactured between 2016 and 2020. Credited with discovering the difficulty are Ayyappan Rajesh, a pupil at UMass Dartmouth, and Blake Berry (HackingIntoYourHeart).


“A hacker can achieve full and limitless entry to locking, unlocking, controlling the home windows, opening the trunk, and beginning the engine of the goal car the place the one strategy to forestall the assault is to both by no means use your fob or, after being compromised (which might be troublesome to appreciate), resetting your fob at a dealership,” Berry defined in a GitHub put up.

The underlying situation is that the distant key fob on the affected Honda automobiles transmits the identical, unencrypted radio frequency sign (433.215MHz) to the automotive, successfully enabling an adversary to intercept and replay the request at a later time to wirelessly begin the engine in addition to lock and unlock the doorways.

This isn’t the primary time a flaw of this type has been uncovered in Honda automobiles. A associated situation found in 2017 Honda HR-V fashions (CVE-2019-20626, CVSS rating: 6.5) is claimed to have been “seemingly ignored” by the Japanese firm, Berry alleged.

“Producers should implement Rolling Codes, in any other case often called hopping code,” Rajesh mentioned. “It’s a safety know-how generally used to offer a contemporary code for every authentication of a distant keyless entry (RKE) or passive keyless entry (PKE) system.”


In response to the findings, Honda mentioned “that is usually not a brand new assertion with a number of previous unconfirmed iterations of comparable key fob units, and for my part doesn’t advantage any additional reporting,” and that it “has no plan to replace older automobiles right now.”

“Legacy know-how utilized by a number of automakers to remotely lock and unlock doorways could also be weak to decided and really technologically subtle thieves,” Honda spokesperson Chris Martin advised The Hacker Information.

“At the moment, it seems that the units solely seem to work inside shut proximity or whereas bodily connected to the goal car, requiring native reception of radio indicators from the car proprietor’s key fob when the car is opened and began close by.”

“Additional, entry to a car with out different means to drive the car, whereas hi-tech in nature, doesn’t present thieves a bonus a lot larger than extra conventional and positively simpler methods to realize entry to a car. And there’s no indication that the kind of system in query is extensively used.”

“Additionally, for Acura and Honda automobiles, whereas sure fashions characteristic a distant begin characteristic, a car began remotely can’t be pushed till a legitimate key fob with a separate immobilizer chip is current within the car, decreasing the chance of a car theft. There is no such thing as a indication that the reported vulnerability to door locks has resulted in a capability to truly drive an Acura or Honda car.”

Supply hyperlink