CVE-2022-27254

Опубликовано: 23 мар. 2022

Источник: nvd

CVSS3: 5.3

CVSS2: 2.9

EPSS Низкий

Описание

The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door-open request, which allows for a replay attack, a related issue to CVE-2019-20626.

Ссылки

https://drive.google.com/file/d/1MtmWfBs1r6Y3JN1HpbNsZqO1GcsdgPdc/view?usp=sharing
Exploit
Third Party Advisory
https://github.com/HackingIntoYourHeart/Unoriginal-Rice-Patty
Exploit
Third Party Advisory
https://github.com/nonamecoder/CVE-2022-27254
Exploit
Third Party Advisory
https://news.ycombinator.com/item?id=30804702
Exploit
Issue Tracking
Third Party Advisory
https://www.bleepingcomputer.com/news/security/honda-bug-lets-a-hacker-unlock-and-start-your-car-via-replay-attack/
Exploit
Third Party Advisory
https://www.theregister.com/2022/03/25/honda_civic_hack/
Exploit
Third Party Advisory
https://drive.google.com/file/d/1MtmWfBs1r6Y3JN1HpbNsZqO1GcsdgPdc/view?usp=sharing
Exploit
Third Party Advisory
https://github.com/HackingIntoYourHeart/Unoriginal-Rice-Patty
Exploit
Third Party Advisory
https://github.com/nonamecoder/CVE-2022-27254
Exploit
Third Party Advisory
https://news.ycombinator.com/item?id=30804702
Exploit
Issue Tracking
Third Party Advisory
https://www.bleepingcomputer.com/news/security/honda-bug-lets-a-hacker-unlock-and-start-your-car-via-replay-attack/
Exploit
Third Party Advisory
https://www.theregister.com/2022/03/25/honda_civic_hack/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:honda:civic_2018_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:honda:civic_2018:-:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.03825

Низкий

5.3 Medium

CVSS3

2.9 Low

CVSS2

Дефекты

CWE-294

Связанные уязвимости

GHSA-cqjc-r43p-wj4p