At its core, this is pretty easy to understand, and isn't especially novel, but it is an interesting area (stealing cars), so worth covering. The core problem is simply that inside of a modern vehicle you have the Controller Area Network Bus (CAN Bus)...
A total of either issues impacting various companies in the automotive industry, a mix of issues from simple SQL injection to some interesting Single Sign On (SSO) implementation decisions.
The RH850 is an automotive MCU which features Secure Onboard Communication (SecOC), which includes read protections to prevent dumping the ROM over serial. After reversing the protocol with a logic analyzer, they discovered the authentication was only gated on the sync command (which is required before any other commands are acknowledged)...
The title pretty accurately describes this issue: there is little to no security implemented within Honda and Acura keys/remotes. An attacker can simply capture the signal and then replay it at a later time to the vehicle...
Two vulnerabilities, both in ConnMan, a root service for managing network connections: a stack-based overflow and a stack leak.
Porting of a V8 n-day to the Tesla Model 3. The vuln is older (from 2020) and is a TurboFan optimizer-based bug...