Danilo Erazo

**Name of the Vulnerable Software and Affected Versions** Micca KE700 (affected versions not specified) **Description** The system has flawed resynchronization logic, making it susceptible to replay attacks. An attacker can exploit this by sending two previously captured codes in a specific sequence, forcing the system to accept stale rolling codes and execute a command. Successful exploitation allows the attacker to clone the alarm key, granting unauthorized access to the vehicle, enabling them to lock or unlock the doors remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Micca KE700 (affected versions not specified) **Description** The system uses a 6-bit portion of an identifier for authentication within rolling codes, resulting in only 64 possible combinations. This limited entropy enables an attacker to perform a brute-force attack to predict the next valid rolling code, potentially granting unauthorized access to the vehicle. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Micca KE700 versions (affected versions not specified) **Description** The RF communication protocol does not encrypt data frames. An attacker equipped with a radio interception tool, such as an SDR, can capture cleartext random numbers and counters. This captured information is sensitive and required for authentication. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Calix GigaCenter ONT versions 844E Calix GigaCenter ONT versions 844G Calix GigaCenter ONT versions 844GE Calix GigaCenter ONT versions 854GE Description: An unauthenticated Telnet access issue exists in Calix GigaCenter ONT, allowing root access. Recommendations: Disable Telnet access on Calix GigaCenter ONT version 844E. Disable Telnet access on Calix GigaCenter ONT version 844G. Disable Telnet access on Calix GigaCenter ONT version 844GE. Disable Telnet access on Calix GigaCenter ONT version 854GE.

Name of the Vulnerable Software and Affected Versions: Calix GigaCenter ONT versions 844E Calix GigaCenter ONT versions 844G Calix GigaCenter ONT versions 844GE Calix GigaCenter ONT versions 854GE Description: An OS Command Injection issue exists in Calix GigaCenter ONT (Quantenna SoC modules). Authenticated attackers possessing 'super' user credentials can execute arbitrary OS commands due to improper input validation, potentially leading to full system compromise. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Calix GigaCenter ONT versions 844E Calix GigaCenter ONT versions 844G Calix GigaCenter ONT versions 844GE Calix GigaCenter ONT versions 854GE Description: An issue exists in Calix GigaCenter ONT (Quantenna SoC modules) that allows administrative access to the web interface due to insecure storage of sensitive information. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Calix GigaCenter ONT versions 844E Calix GigaCenter ONT versions 844G Calix GigaCenter ONT versions 844GE Calix GigaCenter ONT versions 854GE Calix GigaCenter ONT versions 812G Calix GigaCenter ONT versions 813G Calix GigaCenter ONT versions 818G Description: An excessive privileges issue exists in Calix GigaCenter ONT (Quantenna SoC modules) that allows privilege abuse. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Calix GigaCenter ONT versions 844E, 844G, 844GE, 854GE, 812G, 813G, 818G Description: A privilege abuse issue exists in Calix GigaCenter ONT (Broadcom SoC modules) due to excessive privileges. Recommendations: Apply the necessary configuration changes to restrict privileges on the GigaCenter ONT version 844E. Apply the necessary configuration changes to restrict privileges on the GigaCenter ONT version 844G. Apply the necessary configuration changes to restrict privileges on the GigaCenter ONT version 844GE. Apply the necessary configuration changes to restrict privileges on the GigaCenter ONT version 854GE. Apply the necessary configuration changes to restrict privileges on the GigaCenter ONT version 812G. Apply the necessary configuration changes to restrict privileges on the GigaCenter ONT version 813G. Apply the necessary configuration changes to restrict privileges on the GigaCenter ONT version 818G.

**Name of the Vulnerable Software and Affected Versions** KIA-branded Aftermarket Generic Smart Keyless Entry System versions 2022 through 2025 **Description** The issue is related to the use of fixed learning codes in the Key Fob Transmitter, which allows a replay attack. This affects KIA vehicles in Ecuador, primarily those using outdated key fobs with vulnerable chips. Attackers can exploit this to unlock vehicles remotely. The estimated number of affected devices is not specified. **Recommendations** For KIA-branded Aftermarket Generic Smart Keyless Entry System versions 2022 through 2025, consider disabling the keyless entry feature until a patch is available. Restrict access to the key fob transmitter to minimize the risk of exploitation. Avoid using the vulnerable chips HS2240 and EV1527 in the key fobs until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cyclone Matrix TRF Smart Keyless Entry System versions (affected versions not specified) **Description** The issue concerns the use of fixed learning codes in the Key Fob Transmitter, which allows a replay attack. Research was completed on the 2024 KIA Soluto, and the attack was confirmed on other KIA models in Ecuador. This poses a risk to cars equipped with the Cyclone Matrix TRF Smart Keyless Entry System. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.