Vulnerability in Pektron Passive Keyless Entry and Start (PKES) System Allows Key Fob Cloning

Vulnerability in Pektron Passive Keyless Entry and Start (PKES) System Allows Key Fob Cloning

CVE-2018-16806 · LOW Severity

AV:A/AC:L/AU:N/C:N/I:P/A:N

A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and possibly other vehicles, relies on the DST40 cipher, which makes it easier for attackers to obtain access via an approach involving a 5.4 TB precomputation, followed by wake-frame reception and two challenge/response operations, to clone a key fob within a few seconds.

Learn more about our Web Application Penetration Testing UK.