Description
The Micca KE700 system relies on a 6-bit portion of an identifier for authentication within rolling codes, providing only 64 possible combinations. This low entropy allows an attacker to perform a brute-force attack against one component of the rolling code. Successful exploitation makes it simpler for an attacker to predict the next valid rolling code, granting unauthorized access to the vehicle.
Published: 2026-02-15
Score: 6.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Authentication bypass via brute‑force on rolling code
Action: Apply Fix
AI Analysis

Impact

A 6‑bit portion of the Micca KE700 alarm system’s rolling code is used for authentication. Because only 64 combinations are available, an attacker can brute‑force this component quickly and predict the next valid code. This allows an unauthorized user to gain entry to the vehicle, effectively bypassing the intended security mechanism. The weakness exemplifies insufficient entropy, classified as CWE‑331.

Affected Systems

All Micca Auto Electronics’ Car Alarm System KE700 units are affected. The vulnerability applies to every deployment of the KE700 product; no specific firmware or hardware revision information was provided.

Risk and Exploitability

The CVSS base score is 6.4, indicating a moderate impact. The EPSS score is below 1 %, suggesting that exploitation is unlikely under normal circumstances, but the simplicity of the attack (requiring only a brute‑force on a 6‑bit field) means a determined adversary can repeat the process rapidly. The vulnerability is not yet listed in the CISA Known Exploited Vulnerabilities catalog. The attack path is inferred to involve access to the vehicle’s signaling interface or a similar channel where the rolling code is transmitted, allowing an attacker to capture or guess the 6‑bit code easily.

Generated by OpenCVE AI on April 17, 2026 at 19:20 UTC.

Remediation

Vendor Solution

* Increase entropy: The random component of the code must be significantly larger. A 16-bit keyspace is insecure by modern standards. A minimum of 64 bits of entropy would make a brute-force attack computationally infeasible.


OpenCVE Recommended Actions

  • Update the KE700 firmware or configuration so that the rolling code’s random component uses at least a 64‑bit keyspace, eliminating the low‑entropy weakness.
  • Re‑configure the system to enforce the new 64‑bit rolling code and disable any legacy 6‑bit code generation paths.
  • Add an additional authentication factor—such as a keypad entry or biometric verification—if firmware changes are not yet available, to reduce reliance on the compromised rolling code mechanism.



Advisories

No advisories yet.

History

Tue, 17 Feb 2026 17:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Mon, 16 Feb 2026 12:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| First Time appeared | | Micca Auto Electronics; Micca Auto Electronics car Alarm System Ke700 |
| Vendors & Products | | Micca Auto Electronics; Micca Auto Electronics car Alarm System Ke700 |

Sun, 15 Feb 2026 11:15:00 +0000

| Type | Values Removed | Values Added |
| --- | --- | --- |
| Description | | The Micca KE700 system relies on a 6-bit portion of an identifier for authentication within rolling codes, providing only 64 possible combinations. This low entropy allows an attacker to perform a brute-force attack against one component of the rolling code. Successful exploitation makes it simpler for an attacker to predict the next valid rolling code, granting unauthorized access to the vehicle. |
| Title | | Micca KE700 Brute-force vulnerability due to low entropy |
| Weaknesses | | CWE-331 |
| References | | |
| Metrics | | cvssV4_0 {'score': 6.4, 'vector': 'CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:H/V:D/RE:H'} |


MITRE

Status: PUBLISHED

Assigner: ASRG

Published:

Updated: 2026-02-17T17:06:46.968Z

Reserved: 2026-02-15T10:49:23.973Z

Link: CVE-2026-2541

Vulnrichment

Updated: 2026-02-17T16:42:17.228Z

NVD

Status : Deferred

Published: 2026-02-15T11:15:55.223

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-2541

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T19:30:15Z

Weaknesses