Rolling-PWN Attack Vulnerability Unlock Honda
If you own a 2012-2022 Honda, it might be smart to never leave valuables inside the vehicle, or else the Rolling-PWN attack vulnerability could be used by potential thieves. How? Most modern vehicles come equipped with a remote keyless entry system, and this vulnerability lets anyone permanently open the car door or even start the car engine from a long distance.



A rolling code system in remote keyless entry systems aims to prevent replay attacks and after each button press, the synchronizing counter is increased. However, the vehicle receiver also accepts a sliding window of codes to avoid accidental key presses by design. This means that by sending commands in a consecutive sequence to certain Honda vehicles, it re-synchronizes the counter. Once the counter is re-synced, commands from the previous cycle of the counter work again, thus allowing those commands to be used at a later time to unlock the car. Hopefully, this bug is fixed by the time the Honda Ridgeline EV pickup truck is released.

Sale
Segway Ninebot S Smart Self-Balancing Electric Scooter, Dual 400W Motor, Max 13.7 Miles Range & 10MPH,...
3,853 Reviews
Segway Ninebot S Smart Self-Balancing Electric Scooter, Dual 400W Motor, Max 13.7 Miles Range & 10MPH,...
  • Eye-catching black design, compact at 28 lbs, 220 lbs max load. Age: 16-50. Height: 3.11-6.6".
  • High-performance battery: Dual 400W motors, 10 mph max speed, 13.7 miles per charge, 15° slope.
  • Illuminating LED lights for visibility.

Although the main targets for the research is Honda Automobiles. But we have leads to show the impact of this vulnerability also applies to other car manufacturers. We will release more details in the future,” said the researcher.

Author

A technology, gadget and video game enthusiast that loves covering the latest industry news. Favorite trade show? Mobile World Congress in Barcelona.