Researchers have released videos showing the use of a radio transceiver to remotely lock, unlock and start a 10th generation (2016-2021) Honda Civic. The videos serve as evidence of the hackers’ ability to exploit a vulnerability in Honda’s remote keyless system. The vulnerability is listed in the National Vulnerability Database (NVD) as CVE-2022-27254.
Honda’s remote keyless system sends the same radio frequency (RF) code for each request, rather than using a rolling code technique that changes the code after each request. As a result, Hondas and Acuras are open to replay-style Man-in-the-Middle (MitM) attacks, where a nearby attacker intercepts RF codes sent by the remote keyless system and later uses them to lock, unlock or remote start the vehicle. If Honda’s remote keyless system used rolling codes, a code intercepted by an attacker could not be reused, but, since the codes are fixed, an attacker could retransmit an intercepted code and successfully lock, unlock or start the target vehicle from a distance.
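The difference between the two receiver designs can be seen in a small model, added here as an illustration and not taken from the researchers or from Honda. The frame layout, the HMAC-SHA256 counter scheme, the key, the window size and all class and function names are assumptions chosen for the sketch; they do not describe any real vehicle's protocol.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed sample secret shared by fob and car
WINDOW = 16                    # assumed tolerance for button presses out of range
COMMANDS = {"lock": 1, "unlock": 2, "start": 3}

class FixedCodeReceiver:
    """Behaviour the article describes: each command has one static code."""
    def __init__(self, codes):
        self.codes = set(codes)

    def accept(self, frame):
        return frame in self.codes  # no freshness check, so a replay passes

def rolling_frame(command, counter, key=KEY):
    """Fob side: command id + 4-byte counter, authenticated with a truncated HMAC."""
    body = bytes([COMMANDS[command]]) + counter.to_bytes(4, "big")
    return body + hmac.new(key, body, hashlib.sha256).digest()[:8]

class RollingCodeReceiver:
    """Car side: accepts a frame only if its MAC is valid and its counter is new."""
    def __init__(self, key=KEY):
        self.key = key
        self.last_counter = 0

    def accept(self, frame):
        if len(frame) != 13:
            return False
        body, tag = frame[:5], frame[5:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:8]
        if not hmac.compare_digest(tag, expected):
            return False  # forged or altered frame
        counter = int.from_bytes(body[1:], "big")
        if not self.last_counter < counter <= self.last_counter + WINDOW:
            return False  # already used, stale, or implausibly far ahead
        self.last_counter = counter
        return True

def demo():
    fixed = FixedCodeReceiver([b"\xaa\x55\x02"])  # constructed static unlock code
    rolling = RollingCodeReceiver()
    frame = rolling_frame("unlock", 1)
    return {
        "fixed_first": fixed.accept(b"\xaa\x55\x02"),
        "fixed_replay": fixed.accept(b"\xaa\x55\x02"),
        "rolling_first": rolling.accept(frame),
        "rolling_replay": rolling.accept(frame),
        "rolling_next": rolling.accept(rolling_frame("unlock", 2)),
    }
```

In this model the fixed-code receiver accepts the same frame every time it is sent, while the rolling-code receiver rejects a frame whose counter it has already consumed and still accepts the fob's next legitimate press.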
A Honda spokesperson told BleepingComputer that they have not checked for these vulnerabilities, but if the company’s vehicles are vulnerable, “Honda has no plans to update older vehicles for the moment”. The spokesperson added that “it is important to note that while Honda regularly improves security features as new models are introduced, determined and technologically sophisticated thieves also strive to overcome these features.” The spokesperson also pointed out that this hack is relatively sophisticated compared to other means thieves can use to gain access to vehicles and requires thieves to be near a vehicle while the owner is using the remote keyless system.