Multiple researchers disclosed a vulnerability this week that would allow nearby attackers to unlock and even start some Honda and Acura cars.
To carry out the attack, threat actors would capture the R signals sent from a key fob to a car, then resending these signals to unlock the car and even start the engine from a short distance.
According to researchers, the vulnerability is largely unfixed, especially in more outdated models.
Honda owners, however, may be able to protect themselves from this attack.
Researchers suggest that the vulnerability, tracked as CVE-2022-27254, can be mitigated somewhat by storing the car’s key fob in a signal-blocking “Faraday pouch”. This method will not, however, protect against attackers eavesdropping on signals when the fob is in use.
