Honda Bug Lets A Hacker Unlock And Start Your Car via Replay Attack

By   ISBuzz Team
Writer , Information Security Buzz | Mar 28, 2022 01:52 am PST

It has been reported that researchers have disclosed a ‘replay attack’ vulnerability affecting select Honda and Acura car models, that allows a nearby hacker to unlock your car and even start its engine from a short distance. The attack consists of a threat actor capturing the RF signals sent from your key fob to the car and resending these signals to take control of your car’s remote keyless entry system. The vulnerability, according to researchers, remains largely unfixed in older models. But Honda owners may be able to take some action to protect themselves against this attack. The vulnerability, tracked as CVE-2022-27254, is a Man-in-the-Middle (MitM) attack or more specifically a replay attack in which an attacker intercepts the RF signals normally sent from a remote key fob to the car, manipulates these signals, and re-sends these at a later time to unlock the car at will.