This page aggregates publicly disclosed CVE and security risk information related to honda, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-37305 | The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows remote attackers to perform unlock operations and force a resynchronization after capturing five consecutive valid RKE signals over the radio, aka a RollBack attack. The attacker retains the ability to unlock indefinitely. | [email protected] | 6.4 | 0.83% | 2022-08-24 | 2026-06-17 |
| CVE-2022-27254 | The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door-open request, which allows for a replay attack, a related issue to CVE-2019-20626. | [email protected] | 5.3 | 1.08% | 2022-03-23 | 2026-06-17 |
| CVE-2021-46145 | The keyfob subsystem in Honda Civic 2012 vehicles allows a replay attack for unlocking. This is related to a non-expiring rolling code and counter resynchronization. | [email protected] | 5.3 | 3.64% | 2022-01-06 | 2026-06-17 |
| CVE-2019-20626 | The remote keyless system on Honda HR-V 2017 vehicles sends the same RF signal for each door-open request, which might allow a replay attack. | [email protected] | 6.5 | 0.71% | 2020-03-23 | 2026-06-16 |
| CVE-2015-2943 | Honda Moto LINC 1.6.1 does not verify SSL certificates. | [email protected] | 5.9 | 0.70% | 2017-09-06 | 2026-06-16 |