CVE-2025-6030 CRITICAL

CVE-2025-6030: Autoeastern Smart Keyless Entry System Replay Attack

Vendor Autoeastern
Product Cyclone Matrix TRF
Weakness CWE-307 · Brute force
Published June 13, 2025
Last update June 13, 2025

CVSS base score

9.4/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:N

What the vulnerability does

01Description

Use of fixed learning codes, one code to lock the car and the other code to unlock it, in the Key Fob Transmitter in Cyclone Matrix TRF Smart Keyless Entry System, which allows a replay attack. Research was completed on the 2024 KIA Soluto.  Attack confirmed on other KIA Models in Ecuador.

Key dates

02Disclosure timeline

June 13, 2025 CVE published
June 13, 2025 Record updated