There’s one more security flaw affecting Honda cars and this time it’s a very serious one.

Deepak Gupta July 12, 2022
Updated 2022/07/12 at 12:54 AM

Honda drivers have been plagued with safety issues. These are accumulating and jeopardizing not only the systems that equip these vehicles but also the users’ own assets.

A new flaw has been discovered and this time it allows full access to Honda cars. These are no longer safe and can even be put to work remotely, by any attacker who wants to.

<!–

PUB

–>

Computer security concepts are already far from the borders of computers and the Internet. With the Internet of Things these problems are now everywhere and increasingly present, even in cars and other vehicles.

This scenario is now happening in Honda cars, which are vulnerable and exposed to safety issues. The list of affected models identifies 10 of Honda's most popular models. The researchers believe the vulnerability could be present on all Honda vehicles from 2012 to 2022.

With the name RollingPWN, this flaw exploits a component of Honda's keyless access system. This one relies on a continuous code model that creates a new entry code each time the owners press the button.

Once issued, the former must be rendered unusable, which does not happen and allows them to be reversed and used to gain unwanted access to the vehicle.

Unfortunately, creating a patch to fix this vulnerability by Honda can be as complex as the attackers exploiting it.

Honda can fix the glitch via an over-the-air (OTA) firmware update, but many of the affected cars do not have this support. Most of these make a recall scenario unlikely.

For now, research to assess the impact of this security flaw is still ongoing by investigators. Based on the nature of the attack, there are strong suspicions that this issue could affect other vendors using similar systems.

This is just one more situation in Honda's history of safety failures. At the beginning of 2022, the brand already had a similar problem, which was exploiting the signal used to unlock the cars. There was even a Y2K22 error that caused the brand's cars to lose the date and time.

!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version='2.0';n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,'script','https://connect.facebook.net/en_US/fbevents.js');
fbq('init', '1664527397186427'); // Insert your pixel ID here.
fbq('track', 'PageView');
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/pt_PT/sdk.js#xfbml=1&version=v2.3&appId=122308327859118";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));

Share this Article
Leave a comment

Leave a Reply

Your email address will not be published.