Security News > 2022 > March > Honda’s Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles
A duo of researchers has released a proof-of-concept demonstrating the ability for a malicious actor to remote lock, unlock, and even start Honda and Acura vehicles by means of what's called a replay attack.
The attack is made possible, thanks to a vulnerability in its remote keyless system that affects Honda Civic LX, EX, EX-L, Touring, Si, and Type R models manufactured between 2016 and 2020.
The underlying issue is that the remote key fob on the affected Honda vehicles transmits the same, unencrypted radio frequency signal to the car, effectively enabling an adversary to intercept and replay the request at a later time to wirelessly start the engine as well as lock and unlock the doors.
This is not the first time a flaw of this kind has been uncovered in Honda vehicles.
A related issue discovered in 2017 Honda HR-V models is said to have been "Seemingly ignored" by the Japanese company, Berry alleged.
We have asked Honda for a comment, and we will update the story once we hear back.
News URL
https://thehackernews.com/2022/03/hondas-keyless-access-bug-could-let.html