Vulnerability in Remote Keyless Entry System from ALPS ALPINE CO., LTD.
CVE-2026-49319

6.9MEDIUM

Key Information:

Vendor: Alps Electric Co., Ltd.
Status: Remote Keyless Entry System (rkes) R53r0
Vendor: CVE Published:; 25 June 2026

🔔 Create Alps Electric Co., Ltd. Vulnerability Alert

What is CVE-2026-49319?

The Remote Keyless Entry System (RKES) from ALPS ALPINE CO., LTD. is susceptible to a roll-back attack. This vulnerability allows an attacker within RF range to capture and replay consecutive lock or unlock commands from a legitimate key fob. By recording two successive transmissions, the attacker can unlock or lock the vehicle, effectively compromising user security. This issue was observed during tests with the 2024 Suzuki Swift, prompting concerns regarding the integrity of the RKES.

Affected Version(s)

Remote Keyless Entry System (RKES) R53R0 R53R0

References

https://fccid.io/CWTR53R0

product

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2026
Vulnerability Reserved
May 29, 2026

Credit

Danilo Erazo (Automotive Cybersecurity Researcher)

CVE-2026-49319 Data

JSON