ehsnils Posted October 14, 2017

Tom Wimmenhove, a Dutch electronics designer, has discovered a flaw in the key fob system used by several Subaru models, a vulnerability the vendor has not patched and could be abused to hijack cars.

The issue is that key fobs for some Subaru cars use sequential codes for locking and unlocking the vehicle, and other operations. These codes — called rolling codes or hopping code — should be random, in order to avoid situations when an attacker discovers their sequence and uses the flaw to hijack cars.

https://www.bleepingcomputer.com/news/security/unpatched-exploit-lets-you-clone-key-fobs-and-open-subaru-cars/
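Added example, not part of the post or the linked article: a simplified receiver model showing why a rolling code that merely increments is weak even though it stops a plain replay, next to a receiver that requires a keyed MAC over the counter. This is not KeeLoq or Subaru's actual protocol; the window size, key, class and function names are all constructed for illustration.

```python
import hashlib
import hmac

WINDOW = 16  # assumed look-ahead window (constructed value)

class SequentialReceiver:
    """Weak model: the transmitted code is just an incrementing number."""
    def __init__(self, last_code):
        self.last = last_code

    def accept(self, code):
        if 0 < code - self.last <= WINDOW:
            self.last = code
            return True
        return False

def fob_frame(key, counter):
    """Hardened model: counter plus a truncated HMAC only the key holder can make."""
    tag = hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()[:8]
    return counter, tag

class MacReceiver:
    def __init__(self, key, last_counter):
        self.key, self.last = key, last_counter

    def accept(self, counter, tag):
        _, expected = fob_frame(self.key, counter)
        if not hmac.compare_digest(tag, expected):
            return False  # forged or altered frame
        if not 0 < counter - self.last <= WINDOW:
            return False  # replayed or stale counter
        self.last = counter
        return True

def compare():
    key = b"constructed-demo-key"  # constructed secret shared by fob and car
    weak, strong = SequentialReceiver(999), MacReceiver(key, 999)
    seen_code = 1000  # one button press, as seen on the air (constructed)
    seen_counter, seen_tag = fob_frame(key, 1000)
    weak.accept(seen_code)  # the car hears the legitimate press
    strong.accept(seen_counter, seen_tag)
    return {
        "weak_replay": weak.accept(seen_code),
        "weak_next_guess": weak.accept(seen_code + 1),
        "mac_replay": strong.accept(seen_counter, seen_tag),
        "mac_next_guess": strong.accept(seen_counter + 1, seen_tag),
        "mac_real_fob": strong.accept(*fob_frame(key, 1001)),
    }
```

Both receivers reject the replayed frame, but only the sequential one accepts a code derived from the observed value without the key.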
ehsnils Posted October 14, 2017

The problem is claimed to be on the following models:

2006 Subaru Baja
2005 - 2010 Subaru Forester
2004 - 2011 Subaru Impreza
2005 - 2010 Subaru Legacy
2005 - 2010 Subaru Outback
utc_pyro Posted October 14, 2017

These all use the Microchip KeeLoq system. It's been broken for a LONG time actually, this is just a sensationalized headline because someone realized we had that chipset. No real fix, but as we don't have push to start it doesn't really matter anyway. You could replace the OEM keyless entry system with an aftermarket one if it really worries you.
covertrussian Posted October 16, 2017

Agreed, at least we still have real keys for ignition. The annoying downside is your car's contents are a little more theft-able. It's one thing to break a window (which everyone can see/hear), but if you walk up and open it like this no one will bat an eye.

05 LGT 16G 14psi 290whp/30mpg (SOLD) 12 OBP Stock 130whp/27mpg@87 Oct 00 G20t GT28r 10psi 250whp/36mpg 22 Ascent STOCK
YeuEmMaiMai Posted October 21, 2017

Since the power train is the same for the 11-12 Legacy and Outback (i.e. the car electronics are not changed), why are they not on said list?
DrD123 Posted October 22, 2017

Well - it's not the powertrain that matters - it's the remote/keyless entry system - no idea if it changed from 2010 to 2011.

This is the exploit where they have a receiver that monitors for keyfobs and then essentially records what they send, right? (There was a special on Dateline or 60 Minutes that illustrated that a while back.) So locking with the door vs. locking with your keyfob is the workaround to avoid the exploit.

Basically, the bad guys would have their receiver, look for someone locking their car, then come and use the receiver to transmit the code to the car again, unlocking it.
ehsnils Posted October 22, 2017

Anyway - this is just for your general awareness.
YeuEmMaiMai Posted October 25, 2017

> Well - it's not the powertrain that matters - it's the remote/keyless entry system - no idea if it changed from 2010 to 2011.
>
> This is the exploit where they have a receiver that monitors for keyfobs and then essentially records what they send, right? (There was a special on Dateline or 60 Minutes that illustrated that a while back.) So locking with the door vs. locking with your keyfob is the workaround to avoid the exploit.
>
> Basically, the bad guys would have their receiver, look for someone locking their car, then come and use the receiver to transmit the code to the car again, unlocking it.

They most likely did not change it since the car was coming up for an overhaul in '13. It would not make sense for them to change keyless entry only, as it means a whole lot of testing to make sure it works with the car's electronics. An internet search shows conflicting information, as some keys are for 09-11 and others are 11-17 despite being the same key...
DrD123 Posted October 26, 2017

I am not sure what the deal is - for the keyless entry, parts.subaru.com shows 57497AJ10A as being for '11-14, and then 57497AJ00A as being for '10-12... 15+ looks like the same key fob, but they ditched the security key and went to a traditional cut key, so the part number is different (57497AL00A).

The circuit assembly inside the keyfob is p/n 88036AL01A for 15+, 88036AJ01A is for '10-14 and 88036AJ03A is for 11-14... so it's possible they changed the keyfob from 10 to 11, but maybe they are backwards compatible?
This topic is now archived and is closed to further replies.