Honda: a security flaw allows hackers to unlock and start cars remotely

A team of security researchers has just discovered that several Honda cars have a very vulnerable rolling code mechanism that allows the cars to be unlocked or even started remotely.

honda car steering wheel

Significant security vulnerabilities that malicious hackers can exploit are still quite rare these days. But some of them are sometimes unfortunately spotted by hacking experts. Recently, a 19-year-old cybersecurity specialist managed to control 25 Tesla cars by exploiting a security flaw. Today, it is the cars of the Honda brand that risk finding themselves in the same situation.

A team of security researchers has just discovered that several Honda cars have a rolling code mechanism which is very vulnerable. This significant security flaw can thus allow hackers to unlock cars or even worse, to start them remotely. The researchers claim to have tested the attack on Honda models between 2021 and 2022, but including with the popular models below:

  • 2012 Honda Civic
  • 2018 Honda X-RV
  • 2020 Honda C-RV
  • 2020 Honda Accord
  • 2020 Honda Odyssey
  • 2021 Honda Inspire
  • 2022 Honda Fit
  • Honda Civic 2022
  • 2022 Honda VE-1
  • 2022 Honda Breeze

Researchers find security flaw in Honda cars, hackers can start and unlock cars remotely

The security flaw is called RollingPWN, and it operates a component of Honda’s keyless entry system. Specifically, the current keyless entry system for Honda vehicles is based on a rolling code model that creates a new entry code each time the user presses the fob button. Once issued, the precedents must thus be rendered unusable to prevent attacks. But unfortunately for Honda owners, safety experts have discovered that the old codes could be canceled and reused to gain access to the vehicle.

Read also: Tesla, a hacker manages to install Apple Car Play in his car, this is how he did it

Security experts who discovered this huge flaw even believe that the issue could affect all Honda vehicles. The latter are currently continuing their research, and it is not said for the moment that Honda can quickly solve the problem. Honda could, however, fix this security flaw with an over-the-air firmware update, but many affected cars do not provide this kind of support.

Source :

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *