Rolling-PWN security flaw lets attackers unlock and start Honda cars remotely

[Rual dV]

Honda security flaw lets attackers unlock and start cars remotely

Star-V Lab security researchers Kevin2600 and Wesley Li have discovered a rolling code mechanism exploit that lets attackers unlock and start keyless Honda vehicles remotely.

The “Rolling-PWN” attack involves attackers intercepting the communications between the vehicle and its keyfob and “replaying” or resubmitting these to the vehicle to gain access.

 

[GMAN03]

FML. Now the insurance will deny my claim due to lack of forced entry saying it was remote jamming and I didn't check that my car was locked when in fact it was locked and this exploit was used. Hopefully our local syndicates aren't advanced enough to take advantage of this.

 

[DapperDanMan]

How quickly will the recalls (for patch fixes) be issued worldwide?

FML

Unknown Honda model

 

[GMAN03]

How quickly will the recalls (for patch fixes) be issued worldwide?

You're assuming there will be a recall. I don't know if this qualifies as safety related so unless they're into goodwill I doubt there will be one, except where market specific laws require it.

 

[GMAN03]

Unknown Honda model

That would be the FM-L

 

[The_Ogre]

Wow, and Honda is too proud to admit the bug exists.

https://twitter.com/x/status/1545574914744143872

 

[BadMuther]

So how will this effectt people with Cartrack or Netstar Recovery Warranties.

 

[BadMuther]

Do you think people will start to dump their Honda cars now that their is this security flaw ?

 

[Longboi]

It's been known for months already on the Dark web. Dirt easy to get a device to unlock and start almost any keyless entry vehicle.

 

[DapperDanMan]

to unlock and start almost any keyless entry vehicle.

Which brands are immune?

 

[Longboi]

Which brands are immune?

Renault, Newer VW's, Rolls Royce, Ferrari, Tesla and a few others. You need more expensive hardware to unlock rolling code vehicles though.