honda hacker attack
Researchers have disclosed a ‘replay attack’ vulnerability affecting select Honda and Acura car models, that allows a nearby hacker to unlock your car and even start its engine from a short distance.
The attack consists of a threat actor capturing the RF signals sent from your key fob to the car and resending these signals to take control of your car’s remote keyless entry system.
The vulnerability, according to researchers, remains largely unfixed in older models. But Honda owners may be able to take some action to protect themselves against this attack.
Researchers Trace LAPSUS$ Cyber Attacks to 16-Year-Old Hacker from England
From wireless unlocking to keyless engine start
This week, multiple researchers disclosed a vulnerability that can be used by a nearby attacker to unlock some Honda and Acura car models, and start their engines wirelessly.
The vulnerability, tracked as CVE-2022-27254, is a Man-in-the-Middle (MitM) attack or more specifically a replay attack in which an attacker intercepts the RF signals normally sent from a remote key fob to the car, manipulates these signals, and re-sends these at a later time to unlock the car at will.
A video shared by the researchers also demonstrates the remote engine start aspect of the flaw—although no technical details or proof-of-concept (PoC) exploit code were shared at this time:
In 2020, Berry had reported a similar flaw (CVE-2019-20626) affecting the following Honda and Acura models but alleged that Honda ignored his report and “continued to implement 0 security measures against this very simple ‘replay/replay and edit’ attack.”
- 2009 Acura TSX
- 2016 Honda Accord V6 Touring Sedan
- 2017 Honda HR-V (CVE-2019-20626)
- 2018 Honda Civic Hatchback
- 2020 Honda Civic LX
honda hacker attack
