CVE-2026-49319 | THREATINT

Description

Remote Keyless Entry System (RKES), using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication. An attacker within RF range who records two consecutive lock or unlock transmissions from a legitimate key fob can later replay the same pair of transmissions repeatedly. During testing, replaying the first captured transmission caused the RKES to enter a state in which replaying the second captured transmission resulted in a successful lock or unlock operation of the vehicle. Tested and confirmed on a 2024 Suzuki Swift (SWIFT ISG GLS AC 1.2 5P 4x2 TM).

PUBLISHED Reserved 2026-05-29 | Published 2026-06-25 | Updated 2026-06-26 | Assigner ASRG

MEDIUM: 6.5CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

MEDIUM: 6.9CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N

Problem types

CWE-294 Authentication Bypass by Capture-replay

Product status

Default status

unknown

R53R0 (custom)

affected

Credits

Danilo Erazo (Automotive Cybersecurity Researcher) finder

References

fccid.io/CWTR53R0 product

www.asrg.io/...-49319-suzuki-swift-2024-rkes-rollback-replay third-party-advisory

cve.org (CVE-2026-49319)

nvd.nist.gov (CVE-2026-49319)

Download JSON