171 matches found
Honda Civic 安全漏洞
Honda Civic is an automobile from Honda Japan. The Honda Civic 2018 model year has a security vulnerability in the remote keyless system that stems from the remote keyless system sending the same RF signal for every door open request, which allows replay attacks, related to CVE-2019-20626...
CVE-2022-23649
Cosign provides container signing, verification, and storage in an OCI registry for the sigstore project. Prior to version 1.5.2, Cosign can be manipulated to claim that an entry for a signature exists in the Rekor transparency log even if it doesn't. This requires the attacker to have pull and...
CVE-2022-23126
TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...
Open redirect
TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...
CVE-2022-23126
TeslaMate prior to 1.25.1 (default Docker config) is vulnerable: an attacker can leverage Grafana login access to obtain a Tesla API token, enabling door opening, initiating Keyless Driving, and interference with vehicle operation en route. Affected component: the TeslaMate Docker deployment; roo...
CVE-2022-23126
TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...
CVE-2022-23126
TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...
Arch Linux 资源管理错误漏洞
Arch Linux is an application system from Arch Open Source. A lightweight and flexible Linux® distribution that tries to keep it simple. Arch Linux suffers from a Resource Management Error vulnerability that stems from improper internal resource management in naive's keyless hash function. A remot...
Tesla Hacked and Stolen Again Using Key Fob
Researchers have demonstrated for the third time how hacking into the key fob of a Tesla can allow someone to access and steal the car in minutes. The new attack again shows a security vulnerability in the keyless entry system of one of the most expensive electric vehicles EVs on the market...
CVE-2019-20626
The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack...
Open redirect
The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack...
CVE-2019-20626
CVE-2019-20626 affects Honda/Honda HR-V 2017 remote keyless systems where the door-open request reuses the same RF signal, enabling a replay attack. The connected Red Hat entries corroborate a related issue in Honda HR-V/Civic lines and describe the underlying cause as transmitting an unencrypted...
CVE-2019-20626
The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack...
SOCA Access Control System 180612 Information Disclosure
Summary The company's products include proximity and fingerprint access control system, time and attendance, electric locks, card reader and writer, keyless entry system and other 30 specialized products. All products are attractively designed with advanced technology in accordance with users'...
SOCA Access Control System 180612 - Information Disclosure
Exploit for php platform in category web applications SOCA Access Control System 180612 Information Disclosure Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint...
Gone in six seconds? Exploiting car alarms
Key relay attacks against keyless entry vehicles are well known. Many 3rd party car alarm vendors market themselves as solutions to this. We have shown that fitting these alarms can make your vehicle EVEN LESS SECURE! These alarms can expose you to hijack, may allow your engine to be stopped whil...
CVE-2018-16806
A Pektron Passive Keyless Entry and Start PKES system, as used on the Tesla Model S and possibly other vehicles, relies on the DST40 cipher, which makes it easier for attackers to obtain access via an approach involving a 5.4 TB precomputation, followed by wake-frame reception and two...
CVE-2018-16806
The CVE-2018-16806 entry concerns a Pektron Passive Keyless Entry and Start (PKES) system used in the Tesla Model S (and possibly other vehicles) that relies on the DST40 cipher. The vulnerability is described as enabling an attacker to clone a key fob within a few seconds after a 5.4 TB precompu...
Watch thieves steal keyless Mercedes within 23 seconds
By Waqas As recently as May 17th, 2018, a security camera recorded This is a post from HackRead.com Read the original post: Watch thieves steal keyless Mercedes within 23 seconds...
RFCrack - A Software Defined Radio Attack Tool
RFCrack is my personal RF test bench, it was developed for testing RF communications between any physical device that communicates over sub Ghz frequencies. IoT devices, Cars, Alarm Systems etc... Testing was done with the Yardstick One on OSX, but RFCrack should work fine in linux. Support for...