Rolling-PWN Attack Vulnerability Unlock Honda
If you own a 2012-2022 Honda, it might be smart to never leave valuables inside the vehicle, or else the Rolling-PWN attack vulnerability could be used by potential thieves. How? Most modern vehicles come equipped with a remote keyless entry system, and this vulnerability lets anyone permanently open the car door or even start the car engine from a long distance.



A rolling code system in remote keyless entry systems aims to prevent replay attacks and after each button press, the synchronizing counter is increased. However, the vehicle receiver also accepts a sliding window of codes to avoid accidental key presses by design. This means that by sending commands in a consecutive sequence to certain Honda vehicles, it re-synchronizes the counter. Once the counter is re-synced, commands from the previous cycle of the counter work again, thus allowing those commands to be used at a later time to unlock the car. Hopefully, this bug is fixed by the time the Honda Ridgeline EV pickup truck is released.

Sale
Segway Ninebot S Smart Self-Balancing Electric Scooter, Dual 400W Motor, Max 13.7 Miles Range & 10MPH, Hoverboard with LED Light, Compatible with Gokart kit
3,455 Reviews
Segway Ninebot S Smart Self-Balancing Electric Scooter, Dual 400W Motor, Max 13.7 Miles Range & 10MPH, Hoverboard with LED Light, Compatible with Gokart kit
  • Safety Priority : UL 2272 certification ensures Ninebot S meets high standards for fire and electrical safety. The Smart Battery Management System...
  • Operating temperature-14-104°F(-10-40°C)

Although the main targets for the research is Honda Automobiles. But we have leads to show the impact of this vulnerability also applies to other car manufacturers. We will release more details in the future,” said the researcher.

Write A Comment