PT-2025-25421 · Unknown · Cyclone Matrix Trf Smart Keyless Entry System
Danilo Erazo
·
Published
2025-06-13
·
Updated
2025-07-22
·
CVE-2025-6030
CVSS v4.0
9.4
Critical
| Vector | AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Cyclone Matrix TRF Smart Keyless Entry System versions (affected versions not specified)
Description
The issue concerns the use of fixed learning codes in the Key Fob Transmitter, which allows a replay attack. Research was completed on the 2024 KIA Soluto, and the attack was confirmed on other KIA models in Ecuador. This poses a risk to cars equipped with the Cyclone Matrix TRF Smart Keyless Entry System.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cyclone Matrix Trf Smart Keyless Entry System