Tuesday, January 4, 2022

Honda-Civic Keyfob system affected by Counter resynchronization attack (CVE-2021-46145)

Capture in advance and replay after attack successfully tested on Honda-Civic 2012. However, it will only work once, due to Honda Civic has applied the mechanism of the rolling code to prevent replay attacks such as this.


After each key was pressed, the rolling codes synchronizing counter increased. But the keyfob receiver will accept a sliding window of codes, to avoid accidental key pressing by design.
By replaying the previously eavesdropped Lock/Unlock commands in a special sequence to the Honda-Civic, it will be resynchronizing the counter. Once the counter resynced, commands from the previous cycle of the counter can be replayed again.

Since it’s only successfully tested on Honda-Civic 2012, How many others may also have been affected by this vulnerability remain unknown.






1 comment:

  1. I have been browsing over the net for days now and boom I felt on this interesting article which helped me change my mind set , I also learn a lot about Malta country and HOW TO GET MALTA CITIZENSHIP ONLINE SMOOTHLY WITHOUT ANY STRESS I've bookmark your site and furthermore include RSS. keep us refreshed all the time. Y’all don’t forget to join this EXPERTS TELEGRAM GROUP for more information about the Malta Citizenship and how to acquire them easily with no stress. You can also take advantage to learn and meet many Experts who will guide you on numerous techniques for anyone who love hacking and don’t know how to go about it .

    ReplyDelete