Vulnerability Details CVE-2018-16806
A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and possibly other vehicles, relies on the DST40 cipher, which makes it easier for attackers to obtain access via an approach involving a 5.4 TB precomputation, followed by wake-frame reception and two challenge/response operations, to clone a key fob within a few seconds.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.0%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.3
References
Products affected by CVE-2018-16806
-
cpe:2.3:h:pektron:passive_keyless_entry_and_start_system:-
-
cpe:2.3:o:pektron:passive_keyless_entry_and_start_system_firmware:-