556 matches found
CVE-2019-13582
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution...
CVE-2019-13582
CVE-2019-13582 affects Marvell 88W8688 Wi‑Fi firmware (pre‑p52) used in Tesla Model S/X, via the Parrot Faurecia FC6050W module. The issue is a stack overflow in the Wi‑Fi firmware that can lead to denial of service or arbitrary code execution. Connected documents confirm the affected component a...
CVE-2019-13581
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitra...
CVE-2016-7382
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver contains a vulnerability in the kernel mode layer nvlddmkm.sys for Windows or nvidia.ko for Linux handler where a missing permissions check may allow users to gain access to arbitrary physical memory, leading to an...
CVE-2016-7389
For the NVIDIA Quadro, NVS, GeForce, and Tesla products, NVIDIA GPU Display Driver on Linux R304 before 304.132, R340 before 340.98, R367 before 367.55, R36193 before 361.93.03, and R370 before 370.28 contains a vulnerability in the kernel mode layer nvidia.ko handler for mmap where improper inpu...
The vulnerability of NVIDIA GeForce, Quadro, and Tesla software for 3D vision components allows attackers to execute arbitrary code, cause system failures, or gain enhanced privileges.
The vulnerability of 3D vision software from NVIDIA’s GeForce, Quadro, and Tesla products is related to errors in link processing. Exploiting this vulnerability can allow attackers to execute arbitrary code, cause service failures, or gain increased privileges...
A Hack to Steal a Tesla, a Yelp Overhaul, and More News
Catch up on the most important news from today in two minutes or less...
Hackers Could Steal a Tesla Model S by Cloning Its Key Fob—Again
The same researchers who figured out how to clone a Tesla Model S key fob have done it again, cracking the replacement that was meant to fix the problem...
Modifying a Tesla to Become a Surveillance Platform
From DefCon: At the Defcon hacker conference today, security researcher Truman Kain debuted what he calls the Surveillance Detection Scout. The DIY computer fits into the middle console of a Tesla Model S or Model 3, plugs into its dashboard USB port, and turns the car's built-in cameras -- the...
Tesla Agent Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Tesla Agent Remote Code Execution", 'Description' = %q This module exploits the command injection vulnerability of tesla agent botnet panel. ,...
Agent Tesla Botnet - Arbitrary Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Tesla Agent Remote Code Execution", 'Description' = %q This module exploits the command injection vulnerability of tesla agent botnet panel. ,...
Agent Tesla Botnet Arbitrary Code Execution
import requests import argparse import base64 Agent Tesla C2 RCE by prsecurity For research purposes only. Don't pwn what you don't own. def getargs: parser = argparse.ArgumentParser prog="agentteslasploit.py", formatterclass=lambda prog: argparse.HelpFormatterprog, maxhelpposition=50, epilog= ''...
Agent Tesla Botnet - Arbitrary Code Execution
Agent Tesla Botnet - Arbitrary Code Execution import requests import argparse import base64 Agent Tesla C2 RCE by prsecurity For research purposes only. Don't pwn what you don't own. def getargs: parser = argparse.ArgumentParser prog="agentteslasploit.py", formatterclass=lambda prog:...
Agent Tesla Botnet - Arbitrary Code Execution Exploit
Agent Tesla Botnet - Arbitrary Code Execution import requests import argparse import base64 Agent Tesla C2 RCE by prsecurity For research purposes only. Don't pwn what you don't own. def getargs: parser = argparse.ArgumentParser prog="agentteslasploit.py", formatterclass=lambda prog:...
Agent Tesla Botnet - Arbitrary Code Execution
import requests import argparse import base64 Agent Tesla C2 RCE by prsecurity For research purposes only. Don't pwn what you don't own. def getargs: parser = argparse.ArgumentParser prog="agentteslasploit.py", formatterclass=lambda prog: argparse.HelpFormatterprog, maxhelpposition=50, epilog= ''...
This Tesla Mod Turns a Model S Into a Mobile 'Surveillance Station'
The Surveillance Detection Scout can track license plates and faces near your Tesla—with all the privacy concerns that implies...
Security Bulletin: NVIDIA GPU Display Driver - August 2019
NVIDIA has released a software security update for the NVIDIA GPU Display Driver. This update addresses issues that may lead to local code execution, denial of service, or escalation of privileges. To protect your system, download and install this software update through NVIDIA Driver Downloads G...
Threat Source newsletter (July 18, 2019)
Newsletter compiled by Jonathan Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. A group we’re calling “SWEED” may be behind years of Agent Tesla attacks. This week, we uncovered everything we know about this...
SWEED: Exposing years of Agent Tesla campaigns
By Edmund Brumaghin and other Cisco Talos researchers. Executive summary Cisco Talos recently identified a large number of ongoing malware distribution campaigns linked to a threat actor we're calling "SWEED," including such notable malware as Formbook, Lokibot and Agent Tesla. Based on our...
Tesla Killer: The Fuzzed and the Furious
The Tesla doesn’t have a conventional OBDII port onboard diagnostics as such. There’s a connector, but it’s just provided with +12V/ground in order to power things like insurance telematics dongles. Instead, there’s the Tesla diagnostics connector X427 which is where things get a bit weird. That...