2023年5月15日星期一

Nissan Sylphy Classic 2021 Fixed Code Vulnerability

Last year a security researcher Ayyappan Rajesh found a fixed code keyfob vuln for the Honda vehicles (CVE-2022-27254). According to him it affected 2016-2020 Honda Civic (LX, EX, EX-L, Touring, Si, Type R). 

More details can be found on (https://github.com/nonamecoder/CVE-2022-27254) and his DEFCON talk (https://www.youtube.com/watch?v=AxkRnUnvYWw)


Turns out this may not be the Honda-only issue. A few days ago we found another fixed codes vuln, but it's on Nissan Sylphy Classic 2021 this time. 


As we can see from the packets diagram, no signs of rolling codes applied to lock or unlock commands. 



Here is the video demo for this Vulnerability

                          Nissan Sylphy Classic 2021 Fixed Code Vulnerability


没有评论:

发表评论