Lucene search
+L

71 matches found

Zero Day Initiative
Zero Day Initiative
added 2025/04/30 12:0 a.m.20 views

(Pwn2Own) Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the VCSEC module. By manipulating the certificate response sent from the Tire Pressure...

7.5CVSS7.6AI score0.00331EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2025/04/30 12:0 a.m.11 views

PT-2025-18327

Tesla Model 3 and Affected Versions Tesla Model 3 affected versions not specified Description This issue allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles without authentication. The flaw resides within the VCSEC module. An attacker can trigger an...

7.5CVSS8.2AI score0.00331EPSS
Exploits2References21
NVD
NVD
added 2024/05/03 2:15 a.m.21 views

CVE-2023-32157

Tesla Model 3 bsaserver BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to pair a malicious Bluetooth device with the...

7.5CVSS5.2AI score0.00344EPSS
Exploits0References1
NVD
NVD
added 2024/05/03 2:15 a.m.9 views

CVE-2023-32155

Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute code on the wifi subsystem in order to exploit this...

7.8CVSS7.9AI score0.00199EPSS
Exploits0References1
NVD
NVD
added 2024/05/03 2:15 a.m.23 views

CVE-2023-32156

Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in ord...

9CVSS9.1AI score0.00368EPSS
Exploits0References1
OSV
OSV
added 2024/05/03 2:15 a.m.5 views

CVE-2023-32157

Tesla Model 3 bsaserver BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to pair a malicious Bluetooth device with the...

7.5CVSS6.2AI score0.00344EPSS
Exploits0References1
OSV
OSV
added 2024/05/03 2:15 a.m.3 views

CVE-2023-32155

Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute code on the wifi subsystem in order to exploit this...

7CVSS6.2AI score0.00199EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/05/03 2:15 a.m.2 views

CVE-2023-32156

Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in ord...

9CVSS6.2AI score0.00368EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/05/03 2:15 a.m.3 views

CVE-2023-32157

Tesla Model 3 bsaserver BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to pair a malicious Bluetooth device with the...

7.5CVSS6.2AI score0.00344EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/05/03 2:15 a.m.10 views

CVE-2023-32155

Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute code on the wifi subsystem in order to exploit this...

7.8CVSS6.2AI score0.00199EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/03 1:56 a.m.21 views

CVE-2023-32157 Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability

Tesla Model 3 bsaserver BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to pair a malicious Bluetooth device with the...

4.6CVSS5.4AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 1:56 a.m.66 views

CVE-2023-32157

CVE-2023-32157 affects Tesla Model 3 with the bsa_server heap-based buffer overflow. Root cause: improper validation of user-supplied data length copied into a fixed-length heap buffer, allowing an attacker to execute code in the context of an unprivileged user in a sandboxed process. Exploitatio...

7.5CVSS5.2AI score0.00344EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/03 1:56 a.m.23 views

CVE-2023-32157 Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability

Tesla Model 3 bsaserver BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to pair a malicious Bluetooth device with the...

4.6CVSS5.6AI score0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/03 1:56 a.m.13 views

CVE-2023-32155 Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability

Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute code on the wifi subsystem in order to exploit this...

7.8CVSS7.9AI score0.00199EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 1:56 a.m.63 views

CVE-2023-32155

CVE-2023-32155 pertains to Tesla Model 3 and the bcmdhd Wi‑Fi driver. The root cause is lack of validation of user-supplied data, enabling an out‑of‑bounds write that can escalate privileges. Attack requires local code execution on the device’s Wi‑Fi subsystem and can lead to arbitrary kernel cod...

7.8CVSS7.9AI score0.00199EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/03 1:56 a.m.15 views

CVE-2023-32156 Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability

Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in ord...

9CVSS9.2AI score0.00368EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/03 1:56 a.m.32 views

CVE-2023-32156 Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability

Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in ord...

9CVSS9.2AI score0.00368EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/03 1:56 a.m.14 views

CVE-2023-32155 Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability

Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute code on the wifi subsystem in order to exploit this...

7.8CVSS8AI score0.00199EPSS
Exploits0References1
CVE
CVE
added 2024/05/03 1:56 a.m.61 views

CVE-2023-32156

CVE-2023-32156 is a Tesla Model 3 Gateway ECU firmware signature validation bypass vulnerability. The issue stems from improper error handling during firmware updates, allowing network-adjacent attackers to execute arbitrary code with the context of the Gateway ECU after gaining the ability to ru...

9CVSS9.2AI score0.00368EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.7 views

Tesla Model 3 安全漏洞

Tesla Model 3 is an electric vehicle from the American company Tesla Tesla. A security vulnerability exists in Tesla Model 3 that stems from a specific flaw in the bcmdhd driver that lacks proper validation of user-supplied data...

7.8CVSS7.6AI score0.00199EPSS
Exploits0References2
Rows per page
Query Builder