CVE-2025-6030

Published Jun 13, 2025

Last updated a month ago

CVSS critical 9.4

Overview

Description
Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF Smart Keyless Entry System, which allows a replay attack. Research was completed on the 2024 KIA Soluto.  Attack confirmed on other KIA Models in Ecuador.
Source
cve@asrg.io
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
9.4
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
Severity
CRITICAL

Weaknesses

cve@asrg.io
CWE-294

Social media

Hype score
Not currently trending

  1. #carhacking my cves CVE-2025-6029 and CVE-2025-6030 affects thousands of cars. Check the new: https://t.co/eH6eauIkOj https://t.co/SK3eemkfck

    @revers3vrything

    18 Jun 2025

    1054 Impressions

    9 Retweets

    15 Likes

    3 Bookmarks

    1 Reply

    0 Quotes

  2. Critical flaws (CVE-2025-6029, CVE-2025-6030) in KIA Ecuador key fobs allow remote vehicle unlocking and control via insecure learning code technology. #KIA #VehicleSecurity #KeyFobHack #Cybersecurity #Automotive https://t.co/Sqhcb042dk

    @the_yellow_fall

    16 Jun 2025

    51 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🗣️ CVE-2025-6029 & CVE-2025-6030: Replay Attacks Expose Vulnerabilities in KIA and Autoeastern Smart Keyless Entry Systems https://t.co/r1nWQkXr3i

    @fridaysecurity

    16 Jun 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚗🔓 CVE-2025-6030: Critical flaw in Autoeastern Cyclone Matrix TRF (2024) lets attackers replay key fob codes—risk of car theft. No patch yet! Details: https://t.co/g3f0BRSLoE #OffSeq #AutomotiveSecurity #CVE2025 https://t.co/6SkHtSDfL3

    @offseq

    14 Jun 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-6030 Replay Attack in KIA Soluto Key Fob Transmitter via Fixed Learning Codes https://t.co/oq0EAKeTuy

    @VulmonFeeds

    13 Jun 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. [CVE-2025-6030: CRITICAL] Keyless Entry System vulnerabilities in Cyclone Matrix TRF models put cars at risk. Research uncovers replay attack risk on KIA models, prompting caution.#cve,CVE-2025-6030,#cybersecurity https://t.co/rN7Hu8Frx9 https://t.co/rExHOFegfA

    @CveFindCom

    13 Jun 2025

    41 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.