Vulnerabilities > Honda

DATE CVE VULNERABILITY TITLE RISK
2022-08-24 CVE-2022-37305 Authentication Bypass by Capture-replay vulnerability in Honda Firmware
The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows remote attackers to perform unlock operations and force a resynchronization after capturing five consecutive valid RKE signals over the radio, aka a RollBack attack.
high complexity
honda CWE-294
6.4
2022-03-23 CVE-2022-27254 Authentication Bypass by Capture-replay vulnerability in Honda Civic 2018 Firmware
The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door-open request, which allows for a replay attack, a related issue to CVE-2019-20626.
high complexity
honda CWE-294
5.3
2022-01-06 CVE-2021-46145 Authentication Bypass by Capture-replay vulnerability in Honda Civic 2012
The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking.
high complexity
honda CWE-294
5.3
2020-03-23 CVE-2019-20626 Authentication Bypass by Capture-replay vulnerability in Honda Hr-V 2017 Firmware
The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack.
low complexity
honda CWE-294
6.5
2017-09-06 CVE-2015-2943 Improper Certificate Validation vulnerability in Honda Moto Linc 1.6.1
Honda Moto LINC 1.6.1 does not verify SSL certificates.
network
high complexity
honda CWE-295
5.9