Vulnerability on Honda cars lets hackers unlock doors, start engine
A new vulnerability has surfaced on Honda cars that allows hackers to access the them, unlock doors and start the engines. The affected vehicles include the ones that that were made between 2012 and 2022, a report by CarScoops said. The vulnerability on Honda vehicles allow hackers to go back to one of those previously used codes and access the vehicle such that they can even drive away with it.
A hacker researcher that goes by the name Kevin2600 on Twitter published a research on hacking Honda keyfob system while another hacker RobDrivesCars, found that he could also recreate the vulnerability independently. Due to the way the vulnerability functions, it is been called Rolling PWN by its finders. “I was able to replicate the Rolling Pwn exploit using two different key captures from two different times," RobDrivesCars wrote.
The hacking research report posted on Twitter illustrates how the new hack is different from the fixed-code hack and talks about how it might also apply to other brands. The report also suggested an update to the code to close the loophole but it depends on how seriously Honda takes this and if the brand feels that there is something to worry about.
The research also clarified that this is not the technology that allows a person to record a key fob signal and then replay it. However, it was that vulnerability that led to a new type of fob code which is rolling on to a new one. Yet, this should prevent someone from simply recording a code and replaying it, since each time it’s used, a new code rolls over the old one.