CVE-2021-46145

Опубликовано: 06 янв. 2022

Источник: nvd

CVSS3: 5.3

CVSS2: 2.9

EPSS Низкий

Описание

The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is related to a non-expiring rolling code and counter resynchronization.

Ссылки

http://starvlab.qianxin.com/?p=409
Third Party Advisory
https://tiger-team-1337.blogspot.com/2022/01/honda-civic-keyfob-system-affected-by.html
Third Party Advisory
https://twitter.com/Kevin2600/status/1472070749208780804?s=20
Third Party Advisory
https://twitter.com/Kevin2600/status/1475482656871571459?s=20
Third Party Advisory
http://starvlab.qianxin.com/?p=409
Third Party Advisory
https://tiger-team-1337.blogspot.com/2022/01/honda-civic-keyfob-system-affected-by.html
Third Party Advisory
https://twitter.com/Kevin2600/status/1472070749208780804?s=20
Third Party Advisory
https://twitter.com/Kevin2600/status/1475482656871571459?s=20
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:honda:civic_2012:-:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.01839

Низкий

5.3 Medium

CVSS3

2.9 Low

CVSS2

Дефекты

CWE-294

Связанные уязвимости

GHSA-8q6q-9f65-vrcx

github

около 4 лет назад