CVE-2026-49319: CWE-294 Authentication Bypass by Capture-replay in Alps Electric Co., Ltd. Remote Keyless Entry System (RKES) R53R0
Remote Keyless Entry System (RKES), using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication. An attacker within RF range who records two consecutive lock or unlock transmissions from a legitimate key fob can later replay the same pair of transmissions repeatedly. During testing, replaying the first captured transmission caused the RKES to enter a state in which replaying the second captured transmission resulted in a successful lock or unlock operation of the vehicle. Tested and confirmed on a 2024 Suzuki Swift (SWIFT ISG GLS AC 1.2 5P 4x2 TM).
AI Analysis
Technical Summary
CVE-2026-49319 describes a vulnerability in the Alps Electric RKES R53R0 that enables an attacker to perform a roll-back replay attack on the rolling-code authentication used by the key fob operating at 433 MHz. By capturing two consecutive transmissions from a legitimate key fob, an attacker can replay these transmissions to cause the vehicle to accept unauthorized lock or unlock commands. Testing confirmed that replaying the first captured transmission puts the system into a state where the second replayed transmission successfully executes the lock or unlock operation. This vulnerability affects the integrity of the vehicle's remote locking mechanism and was demonstrated on a 2024 Suzuki Swift.
Potential Impact
The vulnerability allows an attacker within radio frequency range to bypass the authentication mechanism of the remote keyless entry system, enabling unauthorized locking or unlocking of the vehicle. This compromises the integrity of the vehicle's access control, potentially allowing unauthorized physical access. There is no impact on confidentiality or availability reported. No known exploits are currently in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. No official fix or vendor advisory has been provided at this time. Until a fix is available, users should be aware of the risk of replay attacks and consider additional physical security measures. Avoid leaving vehicles unattended in high-risk areas where attackers could capture RF signals.
CVE-2026-49319: CWE-294 Authentication Bypass by Capture-replay in Alps Electric Co., Ltd. Remote Keyless Entry System (RKES) R53R0
Description
Remote Keyless Entry System (RKES), using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication. An attacker within RF range who records two consecutive lock or unlock transmissions from a legitimate key fob can later replay the same pair of transmissions repeatedly. During testing, replaying the first captured transmission caused the RKES to enter a state in which replaying the second captured transmission resulted in a successful lock or unlock operation of the vehicle. Tested and confirmed on a 2024 Suzuki Swift (SWIFT ISG GLS AC 1.2 5P 4x2 TM).
CVSS v3.1
Score 6.5medium
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-49319 describes a vulnerability in the Alps Electric RKES R53R0 that enables an attacker to perform a roll-back replay attack on the rolling-code authentication used by the key fob operating at 433 MHz. By capturing two consecutive transmissions from a legitimate key fob, an attacker can replay these transmissions to cause the vehicle to accept unauthorized lock or unlock commands. Testing confirmed that replaying the first captured transmission puts the system into a state where the second replayed transmission successfully executes the lock or unlock operation. This vulnerability affects the integrity of the vehicle's remote locking mechanism and was demonstrated on a 2024 Suzuki Swift.
Potential Impact
The vulnerability allows an attacker within radio frequency range to bypass the authentication mechanism of the remote keyless entry system, enabling unauthorized locking or unlocking of the vehicle. This compromises the integrity of the vehicle's access control, potentially allowing unauthorized physical access. There is no impact on confidentiality or availability reported. No known exploits are currently in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. No official fix or vendor advisory has been provided at this time. Until a fix is available, users should be aware of the risk of replay attacks and consider additional physical security measures. Avoid leaving vehicles unattended in high-risk areas where attackers could capture RF signals.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- ASRG
- Date Reserved
- 2026-05-29T07:26:43.198Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a3d3f304853345fc113d179
Added to database: 06/25/2026, 14:46:08 UTC
Last enriched: 06/25/2026, 15:02:11 UTC
Last updated: 06/26/2026, 01:50:50 UTC
Views: 6
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.