Vulnerability Description
The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is related to a non-expiring rolling code and counter resynchronization.
CVSS Score
5.3
MEDIUM
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Honda | Civic 2012 | - |
Related Weaknesses (CWE)
References
- http://starvlab.qianxin.com/?p=409Third Party Advisory
- https://tiger-team-1337.blogspot.com/2022/01/honda-civic-keyfob-system-affected-Third Party Advisory
- https://twitter.com/Kevin2600/status/1472070749208780804?s=20Third Party Advisory
- https://twitter.com/Kevin2600/status/1475482656871571459?s=20Third Party Advisory
- http://starvlab.qianxin.com/?p=409Third Party Advisory
- https://tiger-team-1337.blogspot.com/2022/01/honda-civic-keyfob-system-affected-Third Party Advisory
- https://twitter.com/Kevin2600/status/1472070749208780804?s=20Third Party Advisory
- https://twitter.com/Kevin2600/status/1475482656871571459?s=20Third Party Advisory
FAQ
What is CVE-2021-46145?
CVE-2021-46145 is a vulnerability with a CVSS score of 5.3 (MEDIUM). The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is related to a non-expiring rolling code and counter resynchronization.
How severe is CVE-2021-46145?
CVE-2021-46145 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-46145?
Check the references section above for vendor advisories and patch information. Affected products include: Honda Civic 2012.