The car company said that the flaws does not impact vehicles sold in the UK.
A computer engineer called Tom Wimmenhove said on GitHub, an online code repository, that he found the Subaru key fob's rolling code – the internal system used to securely lock and unlock car doors – was "predictable" because it was sequential, rather than random.
"An attacker can 'clone' the key fob, unlock cars and, when increasing the rolling code with a sufficiently high value, effectively render the user's key fob unusable," he wrote alongside the source code.
He claimed the rolling code flaw impacts the Subaru Baja (2006), Forester (2005-10), Impreza (2004-11), Legacy (2005-10) and the Outback (2005-10).
According to Bleeping Computer, Wimmenhove found the bug after analysing radio signals being emitted from his own vehicle, and then realising they could easily be cloned.
On his GitHub page, he claimed that in order to launch the attack all that was needed was a receiver and transmitter. All in, he used a Raspberry Pi as the host computer to run the exploit, a WiFi dongle, a TV dongle, a power bank and a cheap antennae.
Also read: Thieves dump car ten minutes after burglary