Honda: Security Vulnerabilities
The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows remote attackers to perform unlock operations and force a resynchronization after capturing five consecutive valid RKE signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely.
CVSS Score
6.4
EPSS Score
0.005
Published
2022-08-24
The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door-open request, which allows for a replay attack, a related issue to CVE-2019-20626.
CVSS Score
5.3
EPSS Score
0.026
Published
2022-03-23
The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is related to a non-expiring rolling code and counter resynchronization.
CVSS Score
5.3
EPSS Score
0.041
Published
2022-01-06
The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-03-23
Honda Moto LINC 1.6.1 does not verify SSL certificates.
CVSS Score
5.9
EPSS Score
0.003
Published
2017-09-06