40 matches found
CVE-2022-30111
Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers to unlock the mechanism via replay attacks...
CVE-2022-38766
The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack...
Canada revisits decision to ban Flipper Zero
In February 2024 the Canadian government announced plans to ban the sale of the Flipper Zero, mainly because of its reported use to steal cars. The Flipper Zero is a portable device that can be used in penetration testing with a focus on wireless devices and access control systems. If that doesnt...
Open redirect
The remote keyless system on Renault ZOE 2021 vehicles sends 433.92 MHz RF signals from the same Rolling Codes set for each door-open request, which allows for a replay attack...
CVE-2022-30111
Due to the use of an insecure algorithm for rolling codes in MCK Smartlock 1.0, allows attackers to unlock the mechanism via replay attacks...
CVE-2022-30111
CVE-2022-30111 affects MCK Smartlock 1.0 due to an insecure rolling-code algorithm that enables replay attacks to unlock the mechanism. The vulnerability arises from the rolling-code design, allowing an attacker with physical access to replay codes and compromise authentication. In the NVD entry,...
CVE-2022-27254 - PoC For Vulnerability In Honda's Remote Keyless System
PoC for vulnerability in Honda's Remote Keyless SystemCVE-2022-27254 Disclaimer: For educational purposes only. Kindly note that the discoverers for this vulnerability are Ayyappan Rajesh, a student at UMass Dartmouth and HackingIntoYourHeart. Others mentioned in this repository are credited for...
Honda's Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles
A duo of researchers has released a proof-of-concept PoC demonstrating the ability for a malicious actor to remote lock, unlock, and even start Honda and Acura vehicles by means of what's called a replay attack. The attack is made possible, thanks to a vulnerability in its remote keyless system...
Exploit for Authentication Bypass by Capture-replay in Honda Civic_2018_Firmware
CVE-2022-27254 PoC for vulnerability in Honda's Remote Keyless...
PT-2022-18332 · Honda · Honda Civic
Name of the Vulnerable Software and Affected Versions: Honda Civic versions 2016 through 2020 Description: The issue concerns a replay attack vulnerability in the remote keyless system of certain Honda vehicles, allowing unauthorized individuals to unlock doors and start the engine by interceptin...
CVE-2019-9860
Due to unencrypted signal communication and predictability of rolling codes, an attacker can "desynchronize" an ABUS Secvest wireless remote control FUBE50014 or FUBE50015 relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent commands by the remote control are n...
CVE-2019-9860
Due to unencrypted signal communication and predictability of rolling codes, an attacker can "desynchronize" an ABUS Secvest wireless remote control FUBE50014 or FUBE50015 relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent commands by the remote control are n...
Design/Logic Flaw
Due to unencrypted signal communication and predictability of rolling codes, an attacker can "desynchronize" an ABUS Secvest wireless remote control FUBE50014 or FUBE50015 relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent commands by the remote control are n...
CVE-2019-9863
Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm system FUAA50000 3.01.01 and its remote controls FUBE50014 and FUBE50015, an attacker is able to predict valid future rolling codes, and can thus remotely control the alarm system in an unauthorized way...
CVE-2019-9860
Due to unencrypted signal communication and predictability of rolling codes, an attacker can "desynchronize" an ABUS Secvest wireless remote control FUBE50014 or FUBE50015 relative to its controlled Secvest wireless alarm system FUAA50000 3.01.01, so that sent commands by the remote control are n...
CVE-2019-9860
CVE-2019-9860 maps to ABUS Secvest legacy system components: wireless remote controls FUBE50014/FUBE50015 and the FUAA50000 3.01.01 alarm, with a root cause of unencrypted signal communication and easily guessable rolling codes. This allows an attacker to desynchronize the remote from the alarm, ...
CVE-2019-9863
Due to the use of an insecure algorithm for rolling codes in the ABUS Secvest wireless alarm system FUAA50000 3.01.01 and its remote controls FUBE50014 and FUBE50015, an attacker is able to predict valid future rolling codes, and can thus remotely control the alarm system in an unauthorized way...
CVE-2019-9863
CVE-2019-9863 concerns the ABUS Secvest wireless alarm system FUAA50000 (v3.01.01) and its remote controls FUBE50014/FUBE50015. The root cause is an insecure algorithm used for rolling codes, which enables an attacker to predict valid future rolling codes and remotely control the alarm system in ...
Hardware vulnerability in Wamma smart door locks
Guangzhou Huama Building Materials Co., Ltd. is a modernized professional manufacturer integrating scientific research, production and sales. There is a hardware vulnerability in the Huama smart door lock, which is due to the fact that the Huama door lock radio signal is not set up with anti-repl...
OwnStar Attack Now Aimed at BMW, Chrysler, Mercedes Cars
The OwnStar attack that hacker Samy Kamkar revealed late last month can be used against not only GM vehicles, but cars manufactured by Mercedes-Benz, BMW, and Chrysler, as well. The attack allows Kamkar to intercept the traffic from nearby mobile phones that have specific apps open that control...