GitHub - nonamecoder/CVE-2022-27254: PoC for vulnerability in Honda's Remote Key...
source link: https://github.com/nonamecoder/CVE-2022-27254
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
CVE-2022-27254
PoC for vulnerability in Honda's Remote Keyless System(CVE-2022-27254)
Disclaimer:
For educational purposes only.
Summary:
This is a proof of concept for CVE-2022-27254, wherein the remote keyless system on various Honda vehicles send the same, unencrypted RF signal for each door-open, door-close, boot-open and remote start(if applicable). This allows for an attacker to eavesdrop on the request and conduct a replay attack.
POC videos:
Remote.start.sequence.mp4
Door.unlock.sequence.mp4
Door.lock.sequence.mp4
Vehicles Affected:
• 2016-2020 Honda Civic(LX, EX, EX-L, Touring, Si, Type R)
Important Notes:
•Key fob FCC ID: KR5V2X
•Key fob frequency: 433.215MHz
•Key fob modulation: FSK
Tools used:
•FCCID.io
•HackRF One
•Gqrx
•GNURadio
Prevention:
-
Manufacturers:
- Manufacturers must implement Rolling Codes, otherwise known as hopping code. It is a security technology commonly used to provide a fresh code for each authentication of a remote keyless entry (RKE) or passive keyless entry (PKE) system.
-
Consumers:
- Utilize a Faraday Pouch for the key fob.
- Use the PKE as opposed to the RKE, this would make it significantly harder for an attacker to clone/read the signal due to the proximity they would need to be at to do so.
The precautions mentioned above ARE NOT foolproof
If you believe that you are a victim of this attack, the only current mitigation is to reset your key fob at the dealership.
Credits:
•HackingIntoYourHeart •Prof. Hong Liu •Sam Curry •Prof. Ruolin Zhou
References:
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK