exploitDog

CVE-2019-20626

Опубликовано: 23 мар. 2020

Источник: nvd

CVSS3: 6.5

CVSS2: 3.3

EPSS Низкий

Описание

The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack.

Ссылки

https://github.com/HackingIntoYourHeart/Unoriginal-Rice-Patty
Exploit
Third Party Advisory
https://medium.com/%40victor_14768/replay-attacks-en-autos-206481dcfee1
https://github.com/HackingIntoYourHeart/Unoriginal-Rice-Patty
Exploit
Third Party Advisory
https://medium.com/%40victor_14768/replay-attacks-en-autos-206481dcfee1

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:honda:hr-v_2017_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:honda:hr-v_2017:-:*:*:*:*:*:*:*

EPSS

Процентиль: 29%

0.00104

Низкий

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-294

Связанные уязвимости

GHSA-gmw6-384q-c4pf

github

больше 3 лет назад

The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack.

EPSS

Процентиль: 29%

0.00104

Низкий

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-294