CVE-2022-27254

Description from NVD

The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door-open request, which allows for a replay attack, a related issue to CVE-2019-20626.

Information Acquisition Date:2022-04-03T05:18Z

CVSS 2.0: 2.9 LOW CVSS 3.x: 5.3 MEDIUM

▼ CVSS3 Vec CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

▼ CVSS2 Vec AV:A/AC:M/Au:N/C:N/I:P/A:N

Attack Vector (AV)	Network	Adjacent	Local
Access Complexity (AC)	Low	Medium	High
Authentication (Au)	None	Single	Multiple
Confidentiality (C)	None	Partial	Complete
Integrity (I)	None	Partial	Complete
Availability (A)	None	Partial	Complete

NVD References

https://drive.google.com/file/d/1MtmWfBs1r6Y3JN1HpbNsZqO1GcsdgPdc/view?usp=sharing
source:MISC
tags:Exploit Third Party Advisory

https://github.com/nonamecoder/CVE-2022-27254
source:MISC
tags:Exploit Third Party Advisory

https://news.ycombinator.com/item?id=30804702
source:MISC
tags:Exploit Issue Tracking Third Party Advisory

https://github.com/HackingIntoYourHeart/Unoriginal-Rice-Patty
source:MISC
tags:Exploit Third Party Advisory

https://www.theregister.com/2022/03/25/honda_civic_hack/
source:MISC
tags:Exploit Third Party Advisory

https://www.bleepingcomputer.com/news/security/honda-bug-lets-a-hacker-unlock-and-start-your-car-via-replay-attack/
source:MISC
tags:Exploit Third Party Advisory

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URL	Num of Times Referred to
https://cvetrends.com	52
http://cyberiqs.com/latestnews	37
http://twinybots.ch	29
https://news.ycombinator.com/item?id=30804702	6
https://www.theregister.com/2022/03/25/honda_civic_hack	4
https://ift.tt/IiETVrZ	3
http://earmas.ga	3
https://github.com/nonamecoder/CVE-2022-27254	3
https://twitter.com/CVEnew/status/1506764049798807558	3
https://tweetedtimes.com/v/16326?s=tnp	3
https://www.kitploit.com/2022/03/cve-2022-27254-poc-for-vul...	3
https://www.securityweek.com/researchers-hack-remote-keyles...	3
https://www.bleepingcomputer.com/news/security/honda-bug-le...	3

Information from Twitter

User	URL	Info Source	Date
segmentaryupsu1	https://nvd.nist.gov/vuln/detail/CVE-2022-27254	Source segmentaryupsu1 1609021873345466369	2022/12/31

List of frequently cited URLs

URL	Num of Times Referred to
cvetrends.com	52
cyberiqs.com	37
twinybots.ch	29
news.ycombinator.com	6
www.theregister.com	4
ift.tt	3
earmas.ga	3
github.com	3
twitter.com	3
tweetedtimes.com	3
www.kitploit.com	3
www.securityweek.com	3
www.bleepingcomputer.com	3

Information from Twitter

User	URL	Info Source
segmentaryupsu1	nvd.nist.gov	Show Tweet

GitHub Search Results: Up to 10

Name	URL
nonamecoder/CVE-2022-27254	https://github.com/nonamecoder/CVE-2022-27254

GitHub Search Results: Up to 10

Name	URL
nonamecoder/CVE-2022-27254	github.com

2022/12/31 Score : 1
Added Har-sia Database : 2022/03/24
Last Modified : 2022/12/31
Highest Scored Date : 2022/03/26
Highest Score : 70