"Researchers Hack Remote Keyless System of Honda Vehicles"

A researcher at the University of Massachusetts Dartmouth has published Proof-of-Concept (PoC) videos demonstrating how an attacker can remotely unlock a Honda vehicle's doors or start its engine. The attack is made possible by a vulnerability contained by the car manufacturer's remote keyless system. The vulnerability appears to impact all Honda Civic (LX, EX, EX-L, Touring, Si, and Type R) models between 2016 and 2020. It stems from the use of the same unencrypted radio frequency (RF) signal for commands that remotely unlock/lock doors, open the boot, or start the engine remotely. Therefore, an attacker in a man-in-the-middle (MITM) position could listen in on the request and then use it to perform a replay attack. An attacker can record the remote signal sent by the car owner to wirelessly open and start the vehicle, and then perform the same action by themselves later. This article continues to discuss the demonstrated attack against a Honda vehicle to unlock its doors and start its engine. 

Security Week reports "Researchers Hack Remote Keyless System of Honda Vehicles"