CVE-2026-2540 – Micca KE700 Acceptance of previously used rolling codes

CVE ID : CVE-2026-2540

Published : Feb. 15, 2026, 11:15 a.m. | 1 hour, 16 minutes ago

Description : The Micca KE700 system contains flawed resynchronization logic and is vulnerable to replay attacks. This attack requires sending two previously captured codes in a specific sequence. As a result, the system can be forced to accept previously used (stale) rolling codes and execute a command. Successful exploitation allows an attacker to clone the alarm key. This grants the attacker unauthorized access to the vehicle to unlock or lock the doors.

Severity: 8.4 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…