CVE-2022-36945

Name of the Vulnerable Software and Affected Versions Mazda vehicles (affected versions not specified)

Description The issue concerns the Remote Keyless Entry (RKE) receiving unit, which allows remote attackers to perform unlock operations and force a resynchronization after capturing three consecutive valid key-fob signals over the radio. This is known as a RollBack attack, enabling the attacker to retain the ability to unlock indefinitely.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.