CVE-2026-2539 Micca KE700 Cleartext transmission of key fob ID

The RF communication protocol in the Micca KE700 car alarm system does not encrypt its data frames. An attacker with a radio interception tool e.g., SDR can capture the random number and counters transmitted in cleartext, which is sensitive information required for authentication...

CVE-2022-37418

The Remote Keyless Entry RKE receiving unit on certain Nissan, Kia, and Hyundai vehicles through 2017 allows remote attackers to perform unlock operations and force a resynchronization after capturing two consecutive valid key fob signals over the radio, aka a RollBack attack. The attacker retain...

EUVD-2020-21813

Malware in sbrugna...

EUVD-2020-21811

Malware in sbrugna...

EUVD-2018-8606

Malware in sbrugna...

EUVD-2020-21812

Malware in sbrugna...

EUVD-2025-18278

Malicious code in bioql PyPI...

EUVD-2025-18276

Malicious code in bioql PyPI...

CVE-2025-6030

Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF Smart Keyless Entry System, which allows a replay attack. Research was completed on the 2024 KIA Soluto. Attack confirmed on other KIA Models in Ecuador...

CVE-2025-6029

Use of fixed learning codes, one code to lock the car and the other code to unlock it, the Key Fob Transmitter in KIA-branded Aftermarket Generic Smart Keyless Entry System, primarily distributed in Ecuador, which allows a replay attack. Manufacture is unknown at the time of release. CVE Record...

CVE-2025-6030

Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF Smart Keyless Entry System, which allows a replay attack. Research was completed on the 2024 KIA Soluto. Attack confirmed on other KIA Models in Ecuador...

CVE-2022-30467

Joy ebike Wolf Manufacturing year 2022 is vulnerable to Denial of service, which allows remote attackers to jam the key fob request via RF...

CVE-2022-36945

The Remote Keyless Entry RKE receiving unit on certain Mazda vehicles through 2020 allows remote attackers to perform unlock operations and force a resynchronization after capturing three consecutive valid key-fob signals over the radio, aka a RollBack attack. The attacker retains the ability to...

CVE-2020-29438

Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...

CVE-2020-29439

Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module BCM to initiate a Bluetooth wake-up action. The full VIN is visible from outside the vehicle...

CVE-2020-29440

Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module BCM. This allows an attacker who is inside a vehicle, or is otherwise able to send data over the CAN bus to start and drive the vehicle with a spoofe...

Canada revisits decision to ban Flipper Zero

In February 2024 the Canadian government announced plans to ban the sale of the Flipper Zero, mainly because of its reported use to steal cars. The Flipper Zero is a portable device that can be used in penetration testing with a focus on wireless devices and access control systems. If that doesnt...

Blitzwolf BW-IS22 Smart Home Security Alarm 安全漏洞

The Blitzwolf BW-IS22 Smart Home Security Alarm is a smart home alarm system from Blitzwolf. A security vulnerability exists in the Blitzwolf BW-IS22 Smart Home Security Alarm v1.0 firmware version, which stems from a vulnerability that allows an attacker to gain full access, where the attacker c...

Kerui W18 Alarm 安全漏洞

The Kerui W18 Alarm System is a stable and reliable high-end GSM and WIFI dual network alarm system from Kerui. A security vulnerability exists in the Kerui W18 Alarm System v1.0 firmware version, which originated from a vulnerability that allows an attacker to gain full access to the system, and...

Digoo DG-HAMB Smart Home Security System 安全漏洞

The Digoo DG-HAMB Smart Home Security System is a suite of smart home security alarm systems from Digoo. A security vulnerability exists in the Digoo DG-HAMB Smart Home Security System v1.0 firmware version, which stems from a vulnerability that allows an attacker to gain full access, where the...