CVE-2026-2540
Published: Feb 15, 2026
Modified: Feb 17, 2026
Description
The Micca KE700 system contains flawed resynchronization logic and is vulnerable to replay attacks. This attack requires sending two previously captured codes in a specific sequence. As a result, the system can be forced to accept previously used (stale) rolling codes and execute a command. Successful exploitation allows an attacker to clone the alarm key. This grants the attacker unauthorized access to the vehicle to unlock or lock the doors.
| Vendor | Product | Versions |
|---|---|---|
Micca Auto Electronics Co., Ltd. | Car Alarm System KE700 | affected KE700unknown KE700+ |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now