This article compares two VCDS (Vag-Com Diagnostic System) cables purchased from Aliexpress, marketed as HEX-CAN and HEX-V2, against a genuine Ross-Tech HEX-CAN cable. We’ll analyze their functionality, performance, and potential risks.
Decoding the HEX-CAN and HEX-V2 Clones from Aliexpress
The first cable, advertised as a V2, was actually a HEX-CAN clone based on the Atmega162 chip, costing $29. This required a separate loader program flagged as malicious by VirusTotal.
Interestingly, the genuine Ross-Tech HEX-CAN also utilizes the Atmega162.
Due to the potential security risk, this HEX-CAN clone is not recommended. Using it in a virtual machine might mitigate the risk but is not ideal.
The second cable, priced at $49, was based on the STM32F405 chip, similar to the genuine HEX-V2.
This clone functioned without a loader or VCDS modification and performed well, exceeding the genuine HEX-CAN in speed and data logging rates.
Bypassing Security: Delving into the STM32F405 Chip
To understand its functionality, the STM32F405 chip was extracted and analyzed. The chip was locked with RDP level 2, preventing debug access. Using a ChipWhisperer, the RDP2 was bypassed.
A video demonstrating the process is available: https://youtu.be/4JFo23tYOq0 Further workarounds were employed to bypass RDP1 and access the chip’s memory.
Conclusion: Hex Can VCDS Aliexpress – Proceed with Caution
While the STM32F405 based HEX-V2 clone offered surprisingly good performance, using counterfeit diagnostic tools carries inherent risks. Compatibility with future VCDS updates is uncertain, likely limiting functionality to the included version 20.4.1. While budget-conscious users might find these Aliexpress cables tempting, investing in a genuine Ross-Tech VCDS ensures reliability, security, and ongoing support.
