CVE-2026-2540

The Micca KE700 system contains flawed resynchronization logic and is vulnerable to replay attacks. This attack requires sending two previously captured codes in a specific sequence. As a result, the system can be forced to accept previously used (stale) rolling codes and execute a command. Successful exploitation allows an attacker to clone the alarm key. This grants the attacker unauthorized access to the vehicle to unlock or lock the doors.

CVSS

No CVSS.

References

Link	Resource
https://asrg.io/security-advisories/cve-2026-2540/

Configurations

No configuration.

History

18 Feb 2026, 17:52

Type	Values Removed	Values Added
Summary		(es) El sistema Micca KE700 contiene lógica de resincronización defectuosa y es vulnerable a ataques de repetición. Este ataque requiere el envío de dos códigos previamente capturados en una secuencia específica. Como resultado, el sistema puede ser forzado a aceptar códigos rotatorios previamente usados (obsoletos) y ejecutar un comando. La explotación exitosa permite a un atacante clonar la llave de la alarma. Esto otorga al atacante acceso no autorizado al vehículo para desbloquear o bloquear las puertas.

15 Feb 2026, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-02-15 11:15

Updated : 2026-02-18 17:52

NVD link : CVE-2026-2540

Mitre link : CVE-2026-2540

CVE.ORG link : CVE-2026-2540

JSON object : View

Products Affected

No product.

CWE

CWE-288

Authentication Bypass Using an Alternate Path or Channel

CWE-294

Authentication Bypass by Capture-replay

{"id": "CVE-2026-2540", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "cve@asrg.io", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.4, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:D/RE:M/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2026-02-15T11:15:55.070", "references": [{"url": "https://asrg.io/security-advisories/cve-2026-2540/", "source": "cve@asrg.io"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "cve@asrg.io", "description": [{"lang": "en", "value": "CWE-288"}, {"lang": "en", "value": "CWE-294"}]}], "descriptions": [{"lang": "en", "value": "The Micca KE700 system contains flawed resynchronization logic and is vulnerable to replay attacks. This attack requires sending two previously captured codes in a specific sequence. As a result, the system can be forced to accept previously used (stale) rolling codes and execute a command. Successful exploitation allows an attacker to clone the alarm key. This grants the attacker unauthorized access to the vehicle to unlock or lock the doors."}, {"lang": "es", "value": "El sistema Micca KE700 contiene l\u00f3gica de resincronizaci\u00f3n defectuosa y es vulnerable a ataques de repetici\u00f3n. Este ataque requiere el env\u00edo de dos c\u00f3digos previamente capturados en una secuencia espec\u00edfica. Como resultado, el sistema puede ser forzado a aceptar c\u00f3digos rotatorios previamente usados (obsoletos) y ejecutar un comando. La explotaci\u00f3n exitosa permite a un atacante clonar la llave de la alarma. Esto otorga al atacante acceso no autorizado al veh\u00edculo para desbloquear o bloquear las puertas."}], "lastModified": "2026-02-18T17:52:22.253", "sourceIdentifier": "cve@asrg.io"}