- steal AES key (undisclosed vulnerability, one-time physical access)
- RF injection with bypass of alpha key blacklisting (could be done as often as needed once the AES key is dumped)
As @marcnewlin pointed out with his latest research, R500 encryption could also be attacked using an encryption weakness published in 2016. This wouldn't require AES key extraction at all (if the same key-blacklisting bypass is applied).
Reference: github.com/marcnewlin/pre…