In a replay attack, a hostile hacker may trick a website or service into granting them access to your account by reusing the information that the website or service uses to identify you.

If a hacker is able to locate and repeat a certain string of information, he might possibly use it to fool a website into believing that was indeed you, so gaining access to your online account.

What Happened?

According to a few researchers, a ‘replay attack’ vulnerability has been discovered in some Honda and Acura automobiles. This weakness enables a nearby hacker to unlock your vehicle and even start its engine from a short distance.

Attackers capture the radio frequency (RF) signals delivered from your key fob to the automobile and resend them in order to gain control of your car’s remote keyless entry system, according to researchers.

Attackers could use the CVE-2022-27254, to launch a Man-in-the-Middle (MitM) attack, or more specifically a replay attack, in which they intercepted and modified the RF signals normally sent from a remote key fob to the car, and then re-sent these signals at a later time in order to unlock the car at their discretion.

Blake Berry, Hong Liu and Ruolin Zhou of the University of Massachusetts, as well as Cybereason Chief Security Officer Sam Curry, are among the researchers who are credited with uncovering the vulnerability.

According to the experts, the vehicles most affected by this issue are the Honda Civic (LX, EX, EX-L, Touring, Si, and Type R) models from 2016 to 2020.

Blake Berry explained in a GitHub repository that it was also feasible to alter the intercepted orders and re-transmit them in order to produce a completely new consequence.

Manufacturers of automobiles are encouraged to incorporate “rolling codes,” also known as “hopping codes,” according to the researchers’ recommendations. Each authentication request is met with a new code generated by this security mechanism, which means that the codes cannot be “replayed” by an attacker at a later time.

Multiple manufacturers employ antiquated technology for implementing remote lock-unlock capability, according to Honda, who made the announcement to the journalists at BleepingComputer.

At this time, it appears that the devices only appear to work within close proximity or while physically attached to the target vehicle, requiring local reception of radio signals from the vehicle owner’s key fob when the vehicle is opened and started nearby.

Honda has no plan to update older vehicles at this time.

It’s important to note, while Honda regularly improves security features as new models are introduced, determined and technologically sophisticated thieves are also working to overcome those features.


If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Man-in-the Middle (MITM) Attack

Heimdal Case Files: The Honda Ransomware Attack

How 4 Types of Cyber Threats Break Your Online Security [INFOGRAPHIC]

Leave a Reply

Your email address will not be published. Required fields are marked *