Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Submission + - Unpatched Exploit Lets You Clone Key Fobs and Open Subaru Cars (bleepingcomputer.com)

An anonymous reader writes: Tom Wimmenhove, a Dutch electronics designer, has discovered a flaw in the key fob system used by several Subaru models, a vulnerability the vendor has not patched and could be abused to hijack cars. The issue is that key fobs for some Subaru cars use sequential codes for locking and unlocking the vehicle, and other operations. These codes — called rolling codes or hopping code — should be random, in order to avoid situations when an attacker discovers their sequence and uses the flaw to hijack cars. This is exactly what Wimmenhove did. He created a device that sniffs the code, computes the next rolling code and uses it to unlock cars. The entire device costs between $15 and $30.

The researcher said he reached out to Subaru about his findings. "I did [reach out]. I told them about the vulnerability and shared my code with them," Wimmenhove told Bleeping. "They referred me to their 'partnership' page and asked me to fill in a questionnaire. It didn't seem like they really cared and I haven't heard back from them." A video of the exploit in action is available here.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Unpatched Exploit Lets You Clone Key Fobs and Open Subaru Cars

Comments Filter:

"Everyone is entitled to an *informed* opinion." -- Harlan Ellison

Working...