CVE-2022-37418 : The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles through 2017 allows remote at

The Remote Keyless Entry (RKE) receiving unit on certain Nissan, Kia, and Hyundai vehicles through 2017 allows remote attackers to perform unlock operations and force a resynchronization after capturing two consecutive valid key fob signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely.

Published 2022-08-24 06:15:08

Updated 2022-08-31 15:46:21

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2022-37418

Probability of exploitation activity in the next 30 days: 0.40%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 73 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2022-37418

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.4	MEDIUM	CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:H	1.2	5.2	NIST
Attack Vector: Adjacent Network Attack Complexity: High Privileges Required: None User Interaction: Required Scope: Unchanged Confidentiality: None Integrity: High Availability: High

CWE ids for CVE-2022-37418

CWE-294 Authentication Bypass by Capture-replay

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

Assigned by: nvd@nist.gov (Primary)

References for CVE-2022-37418

https://hackaday.com/2022/08/17/rollback-breaks-into-your-car/

RollBack Breaks Into Your Car | Hackaday
Exploit;Third Party Advisory

CVEs referencing this url
https://www.youtube.com/playlist?list=PLYodcy84oQL1gxwiuRm13xRXxTQL9cO5t

Before you continue to YouTube
Exploit;Third Party Advisory

CVEs referencing this url
https://www.blackhat.com/us-22/briefings/schedule/#rollback---a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-27185

RollBack - A New Time-Agnostic Replay Attack Against the Automotive Remote Keyless Entry Systems - Black Hat USA 2022 | Briefings Schedule
Exploit;Third Party Advisory

CVEs referencing this url
https://www.pcmag.com/news/is-your-car-key-fob-vulnerable-to-this-simple-replay-attack

Is Your Car Key Fob Vulnerable to This Simple Replay Attack? | PCMag
Press/Media Coverage;Third Party Advisory

CVEs referencing this url
https://medium.com/codex/rollback-a-new-time-agnostic-replay-attack-against-the-automotive-remote-keyless-entry-systems-df5f99ba9490

RollBack - A New Time-Agnostic Replay Attack Against the Automotive Remote Keyless Entry Systems | by cs.lev | Medium | CodeX
Exploit;Third Party Advisory

CVEs referencing this url

Products affected by CVE-2022-37418

KIA » Kia Firmware
Versions up to, including, (<=) 2017
cpe:2.3:o:kia:kia_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: KIA » KIA » Version: N/A
Nissan » Nissan Firmware
Versions up to, including, (<=) 2017
cpe:2.3:o:nissan:nissan_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Nissan » Nissan » Version: N/A
Hyundai » Hyundai Firmware
Versions up to, including, (<=) 2017
cpe:2.3:o:hyundai:hyundai_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Hyundai » Hyundai » Version: N/A

Vulnerability Details : CVE-2022-37418

Exploit prediction scoring system (EPSS) score for CVE-2022-37418

CVSS scores for CVE-2022-37418

CWE ids for CVE-2022-37418

References for CVE-2022-37418

Products affected by CVE-2022-37418