Filtered by vendor Micca Auto Electronics
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2539 | 1 Micca Auto Electronics | 1 Car Alarm System Ke700 | 2026-02-16 | N/A |
| The RF communication protocol in the Micca KE700 car alarm system does not encrypt its data frames. An attacker with a radio interception tool (e.g., SDR) can capture the random number and countersĀ transmitted in cleartext, which is sensitive information required for authentication. | ||||
| CVE-2026-2540 | 1 Micca Auto Electronics | 1 Car Alarm System Ke700 | 2026-02-16 | N/A |
| The Micca KE700 system contains flawed resynchronization logic and is vulnerable to replay attacks. This attack requires sending two previously captured codes in a specific sequence. As a result, the system can be forced to accept previously used (stale) rolling codes and execute a command. Successful exploitation allows an attacker to clone the alarm key. This grants the attacker unauthorized access to the vehicle to unlock or lock the doors. | ||||
| CVE-2026-2541 | 1 Micca Auto Electronics | 1 Car Alarm System Ke700 | 2026-02-16 | N/A |
| The Micca KE700 system relies on a 6-bit portion of an identifier for authentication within rolling codes, providing only 64 possible combinations. This low entropy allows an attacker to perform a brute-force attack against one component of the rolling code. Successful exploitation simplify an attacker to predict the next valid rolling code, granting unauthorized access to the vehicle. | ||||
Page 1 of 1.