This year, researchers discovered a vulnerability in some Honda line of vehicles that could allow hackers to unlock and start affected vehicles remotely. A vulnerability is a weakness in a system, for example a software application, that if exploited can result in a breach of the application. In essence, car thieves can clone signals from your keyless entry remote, store it and use it at a later date to open and start your vehicle in what is dubbed a “replay” attack. This security flaw, known as the RollingPWN vulnerability by researchers affects a component of the Honda keyless entry system used to lock, unlock and enable starting of the engine, but other vehicle manufacturers may be vulnerable.
In a secure keyless entry system, technology known as Clone Safe Code-Hopping(or Rolling code) used by manufacturers such as Directed, uses 66-bit encryption, which provides security from Code grabbers, illegal devices that intercept and rebroadcast radio frequency signals. 66-bit encryption is 2 to the 66th power, which is equivalent to 18 quintilion codes(1 quintillion is a million million millions or a billion billions). In the 66-bit transmission code, 32 bits are encrypted of which there are almost 4 billion possible code combinations, which would take approximately 17 years to fully scan with restrictions on the reuse of passwords which woud not be valid again until about 65000 other codes have been used, which in real terms it would take 20 years for a generated code to become valid again.
With this vulnerability tagged CVE-2022-27254, discovered by Ayyappan Rajesh and someone with the handle HackingIntoYourHeart for Honda Civic LX, EX, EX-L, Touring, Si, and Type R vehicles manufactured between 2016 and 2020 all have this vulnerability, allowing replay attack for unlocking. Kevin26000 also reported a similar replay attack (CVE-2021-46145) in January 2022, and Wesley Li discovered the old codes could be rolled back and used to obtain unauthorised access to the vehicle.
The CVE-Common vunerabilities and exposures, located on the web at https://cve.mitre.org/, identifies and catalog publicly disclosed cybersecurity vulnerabilities.
Based on the list and successful tests of the exploit, Kevin26000 and Li strongly believe the vulnerability could affect all Honda vehicles with this keyless entry system.
Mark James-Robinson
Cyber Security Consultant
(876) 778-8202
mjrobin@proton.me
.jpeg)
My understanding though not an expert in Cyber is that this cloning can happen to almost any vehicle targeted so is it that Hondas are most vulnerable?
ReplyDelete