CVE-2025-56448

The Positron PX360BT SW REV 8 car alarm system is vulnerable to a replay attack due to a failure in implementing rolling code security. The alarm system does not properly rotate or invalidate used codes, allowing repeated reuse of captured transmissions. This exposes users to significant security risks, including vehicle theft and loss of trust in the alarm's anti-cloning claims.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CISA-ADPADP
6.8 MEDIUM
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://medium.com/@wagneralves_87750/cve-2025-56448-replay-attack-vulnerability-in-positron-px360bt-car-alarm-system-c9f1ccea6ebe
https://positron.com.br/blog/positron-lanca-alarme-px360bt-starter/