Vulnerability Description
Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF Smart Keyless Entry System, which allows a replay attack. Research was completed on the 2024 KIA Soluto. Attack confirmed on other KIA Models in Ecuador.
Related Weaknesses (CWE)
References
- https://asrg.io/security-advisories/cve-2025-6030-autoeastern-smart-keyless-entr
- https://revers3everything.com/unlocking-thousands-of-cars-by-exploiting-learning
FAQ
What is CVE-2025-6030?
CVE-2025-6030 is a documented vulnerability. Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF Smart Keyless Entry System, which allows a replay attack. Rese...
How severe is CVE-2025-6030?
CVSS scoring is not yet available for CVE-2025-6030. Check NVD for updates.
Is there a patch for CVE-2025-6030?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.