Honda vehicles now have a new vulnerability that lets hackers enter them, open doors, and start engines. According to a report by CarScoops, vulnerable automobiles include those produced between 2012 and 2022. Honda automobiles have a vulnerability that enables hackers to access the vehicle and potentially drive off with it by using one of those previously used codes.
The Honda key fob system was breached by a computer researcher who goes by the handle Kevin2600 on Twitter, and another hacker, RobDrivesCars, independently discovered the vulnerability. The vulnerability's discoverers have given it the moniker "Rolling PWN" because to the way it operates. According to RobDrivesCars, I was able to duplicate the Rolling Pwn attack utilising two distinct key grabs from two different periods.
The hacking study report, which was shared on Twitter, explains the differences between the new breach and the fixed-code exploit as well as how it might be applicable to other businesses. The audit also recommended updating the code to seal the gap, but whether Honda takes this seriously and whether the company believes there is cause for concern will depend on how seriously it takes the findings.
The study also made it clear that this technology does not allow one to capture a key fob signal and play it back later. But it was this weakness that gave rise to a new kind of fob code, which is now spreading to another. This should stop someone from simply recording a code and playing it back, though, as a new code replaces the old one each time it is used.