A car electronic security system aims to prevent its theft, the theft of its parts or of elements in its interior. Studying these systems allows identifying and mitigating vulnerabilities. Nowadays, there are different types of attacks on these systems to exploit their vulnerabilities, such as replay, relay, brute-force or jamming attacks, among others. In the last five years in Bogotá, Colombia, the average number of stolen vehicles was 3,073 per year. This research project proposes the detection of vulnerabilities in the security system of vehicles in this city. A sample of 43 vehicles of different brands sold and registered in the city is taken. The replay attack was executed, as well as a modification of the brute-force attack. Results show that most of the implemented security systems in Bogotá are susceptible of being successfully attacked through the proposed methods. The analysis done on the brute-force attack highlights a considerable reduction in time for unlocking the vehicle compared to the conventional attack in more vulnerable RKE systems. Replay attacks turn successful in great part of the sample and, furthermore, it is concluded that the unlocking key code can be generated from the locking one.

Brute Force Attack; Replay Attack;Decoding; Software Defined Radio; Locking Systems