CVE-2022-36945

The Remote Keyless Entry (RKE) receiving unit on certain Mazda vehicles through 2020 allows remote attackers to perform unlock operations and force a resynchronization after capturing three consecutive valid key-fob signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:mazda:mazda_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mazda:mazda:-:*:*:*:*:*:*:*

Information

Published : 2022-08-23 23:15

Updated : 2022-08-31 08:41


NVD link : CVE-2022-36945

Mitre link : CVE-2022-36945


JSON object : View

CWE
CWE-294

Authentication Bypass by Capture-replay

Advertisement

dedicated server usa

Products Affected

mazda

  • mazda_firmware
  • mazda