To obtain at least partial control of the vehicle, simply recording the signal broadcast from a fob is sufficient. If the target locks their car, all the attack has to do is receive it and save it in order for the attacker to be able to replay the instruction and have the vehicle respond accordingly. So, the vehicle can be opened by recording and replaying the “unlock” instruction from the target (this works on most, if not all, Honda-produced fobs). Aside from the ability to start the vehicle’s ENGINE, the attacker can demodulate the “remote start” by recording it (using Honda’s “Smart Key” which uses frequency-shift keying) to demodulate any command, edit it, and retransmit it to control the target vehicle .
Since 03/23/2020, this vulnerability has been designated as CVE-2019-20626. It is necessary to attack on a local level and any type of authentication isn’t required for the exploitation. The price of an exploit might be about USD $0-$5k (estimation computed on 03/24/2020). According to MITRE ATT&CK, the attack method used by this problem is T1040.
 HackingIntoYourHeart (2021), Unoriginal Rice Patty. Available at https://github.com/HackingIntoYourHeart/Unoriginal-Rice-Patty
Written by Nishat Mowla