Honda Civic is vulnerable to hacker attacks

Honda Civic models released between 2016 and 2020 contain vulnerabilities that allow attackers to intercept and retransmit keychain codes.

Keyless access exploits are nothing new. Any attacker, armed with suitable equipment, can determine the lock or unlock code and re-transmit it. The problem that some Honda cars are subject to clearly demonstrates that car manufacturers have not yet adapted their technologies to known threats.

The vulnerability CVE-2022-27254 was discovered by four researchers – Professors Hong Liu and Ruolin Zhou from the University of Massachusetts, computer specialist Blake Berry and Sam Curry, CSO Cybereason. According to the study, Honda Civic LX, EX, EX-L, Touring, Si and Type R cars released between 2016 and 2020 have this problem.

According to experts, “different Honda cars send the same unencrypted radio frequency signal every time the door is opened or closed, the trunk is opened and the remote start is started. This allows an attacker to eavesdrop on the request and conduct a repeat attack.” The GitHub page created for this vulnerability contains three separate proof-of-concept videos demonstrating the results of the study.

To carry out the attack, the attackers needed only a few easily accessible components: a laptop, a set of GNURadio development tools, Gqrx software-defined radio receiver (SDR), access to a website FCCID.io and HackRF One SDR. Spending on the attack (in addition to owning a laptop) will amount to only $ 300, the cost of HackRF One. All the software used in the attack is free and open source.

A common problem

The CVE page of the discovered vulnerability also mentions another one – CVE-2019-20626. This problem was discovered in 2017 Honda HR-V cars by Paraguayan safety researcher Victor Casares, and disclosed in a Medium publication in 2019.

An unrelated but similar problem in the 2012 Honda Civics allows for a similar attack, but with a different reason: a non-expiring rolling code (a non-expiring rolling code) and re-synchronization of the counter. Note that the problem concerns not only Honda. In 2016, The Register reported on an experiment in which researchers cloned a Volkswagen keychain and were able to use it to potentially unlock 100 million cars.

According to the researchers who discovered the vulnerability, vehicle owners do not have many protection options as long as manufacturers continue to use static codes. According to the researchers, the sliding codes, which change every time a button is pressed, are “a security technology used to provide a new code for each authentication of a remote keyless access (RKE) or passive keyless access (PKE) system.

According to the researchers, PKE systems are much better compared to RKE systems. Without relying on a keychain for transmission, the car itself is constantly looking for a passive radio frequency keychain, for example, a door key card, and as soon as it is close enough, the car automatically unlocks. The mandatory requirement of finding a key card near the car makes such an attack much more difficult.

If you are a victim of such an attack, the researchers recommend that you immediately go to the dealership and ask to reset the keychain. And for prevention, put the car keys in the Faraday cage.