Friday, May 13, 2022

MCK-Lock predictable rolling codes design flaw (CVE-2022-30111)

The keyspace of rolling codes for MCK Lock is predictable. It is vulnerable to replay attacks. 

The methods to test:

1) Capture the unlock code with HackRF from the genuine MCK remote keyfob.

2) Replay the captured code, it will unlock the lock within 10 - 20 times attempts.

The POC Demo:

https://www.youtube.com/watch?v=EruaGuE-cWI



No comments:

Post a Comment