Lucene search
K

71 matches found

CNNVD
CNNVD
added 2024/05/03 12:0 a.m.6 views

Tesla Model 3 安全漏洞

The Tesla Model 3 is an electric vehicle from the American company Tesla. A security vulnerability exists in the Tesla Model 3 that stems from a specific flaw in the bsaserver process that lacks proper validation of the length of user-supplied data before copying it to a heap-based fixed-length...

7.5CVSS4.9AI score0.00344EPSS
Exploits0References2
OSV
OSV
added 2023/11/08 10:15 p.m.6 views

CVE-2023-5075

A buffer overflow was reported in the FmpSipoCapsuleDriver driver in the IdeaPad Duet 3-10IGL5 that may allow a local attacker with elevated privileges to execute arbitrary code...

6.7CVSS6.3AI score0.0023EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/07/18 12:0 a.m.16 views

(Pwn2Own) Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute code on the wifi subsystem in order to exploit this vulnerability. The specific flaw exists within the bcmdhd driver. The issue results from th...

7.8CVSS7.2AI score0.00199EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.6 views

PT-2023-23643 · Tesla · Tesla Model 3

Name of the Vulnerable Software and Affected Versions: Tesla Model 3 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to pair a malicious Bluetooth devi...

7.5CVSS7.5AI score0.00344EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/07/18 12:0 a.m.5 views

PT-2023-23642 · Tesla · Tesla Model 3

Name of the Vulnerable Software and Affected Versions: Tesla Model 3 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected vehicles. The flaw exists within the handling of firmware updates, resulting from improper...

9CVSS9.3AI score0.00368EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2023/07/18 12:0 a.m.25 views

(Pwn2Own) Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the...

4.6CVSS7.3AI score0.00344EPSS
Exploits0
CNNVD
CNNVD
added 2023/03/29 12:0 a.m.5 views

Tesla 安全漏洞

Tesla is an electric vehicle from the American company Tesla. A security vulnerability exists in Tesla Model 3 that stems from the iceupdater component not properly validating user-supplied firmware...

7.6CVSS6.8AI score0.00439EPSS
Exploits0References2
HackRead
HackRead
added 2023/03/27 5:16 p.m.18 views

Pwn2Own 2023: Tesla Model 3, Windows 11, Ubuntu and more Pwned

By Deeba Ahmed This year's Pwn2Own 2023 was held in Vancouver between March 22nd and 24th, 2023. This is a post from HackRead.com Read the original post: Pwn2Own 2023: Tesla Model 3, Windows 11, Ubuntu and more Pwned...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2023/03/27 11:3 a.m.30 views

Hacks at Pwn2Own Vancouver 2023

An impressive array of hacks were demonstrated at the first day of the Pwn2Own conference in Vancouver: On the first day of Pwn2Own Vancouver 2023, security researchers successfully demoed Tesla Model 3, Windows 11, and macOS zero-day exploits and exploit chains to win $375,000 and a Tesla Model ...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2022/09/16 8:43 p.m.28 views

CVE-2022-37709

Tesla Model 3 V11.02022.4.5.1 6b701552d7a6 Tesla mobile app v4.23 is vulnerable to Authentication Bypass by spoofing. Tesla Model 3's Phone Key authentication is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to open a door and drive the car away by leveraging...

5.7AI score0.00563EPSS
Exploits1References3
CVE
CVE
added 2022/09/16 8:43 p.m.73 views

CVE-2022-37709

CVE-2022-37709 affects Tesla Model 3 with firmware v11.0 (2022.4.5.1 6b701552d7a6) and Tesla mobile app v4.23. The issue is an authentication bypass by spoofing in the Phone Key flow, combined with Bluetooth Low Energy (BLE) channel weaknesses that enable a man-in-the-middle attack. Attackers wit...

5.3CVSS5.4AI score0.00563EPSS
Exploits1References3Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2022/09/08 12:0 a.m.84 views

(Pwn2Own) ConnMan received_data Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installation of ConnMan. Authentication is not required to exploit this vulnerability. The specific flaw exists within the receiveddata method. Crafted data in a HTTP response can trigger a write past the e...

6.3CVSS1.4AI score0.02392EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2022/09/08 12:0 a.m.38 views

(Pwn2Own) ConnMan wispr_portal_web_result wp_object Double Free Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ConnMan. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wisprportalwebresult method. The issue results from the lack of validating the...

6.3CVSS2.2AI score0.0152EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2021/11/15 8:52 p.m.46 views

High-Severity Intel Processor Bug Exposes Encryption Keys

A security vulnerability in Intel chips opens the door for encrypted file access and espionage, plus the ability to bypass copyright protection for digital content. That’s according to Positive Technologies PT, which found that the vulnerability CVE-2021-0146 is a debugging functionality with...

6.8CVSS7AI score0.00407EPSS
Exploits0References5
NVD
NVD
added 2020/07/23 3:15 p.m.17 views

CVE-2020-15912

Tesla Model 3 vehicles allow attackers to open a door by leveraging access to a legitimate key card, and then using NFC Relay. NOTE: the vendor has developed Pin2Drive to mitigate this issue...

6.5CVSS6.5AI score0.0119EPSS
Exploits1References6
Prion
Prion
added 2020/07/23 3:15 p.m.16 views

Design/Logic Flaw

Tesla Model 3 vehicles allow attackers to open a door by leveraging access to a legitimate key card, and then using NFC Relay. NOTE: the vendor has developed Pin2Drive to mitigate this issue...

3.3CVSS6.5AI score0.0119EPSS
Exploits1References6
CVE
CVE
added 2020/07/23 2:40 p.m.43 views

CVE-2020-15912

CVE-2020-15912 affects Tesla Model 3 vehicles. The available documents describe a door-opening vulnerability where an attacker with access to a legitimate key card can relay NFC to unlock/open the door. The root cause is a vulnerability in NFC relay/authentication handling (as described across th...

6.5CVSS6.4AI score0.0119EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2020/07/23 2:40 p.m.33 views

CVE-2020-15912

Tesla Model 3 vehicles allow attackers to open a door by leveraging access to a legitimate key card, and then using NFC Relay. NOTE: the vendor has developed Pin2Drive to mitigate this issue...

6.5AI score0.0119EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2020/07/23 2:40 p.m.13 views

CVE-2020-15912

Tesla Model 3 vehicles allow attackers to open a door by leveraging access to a legitimate key card, and then using NFC Relay. NOTE: the vendor has developed Pin2Drive to mitigate this issue...

6.9AI score0.0119EPSS
Exploits1References6
OSV
OSV
added 2020/03/20 7:15 p.m.4 views

CVE-2020-10558

The driving interface of Tesla Model 3 vehicles in any release before 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows attackers to disable the speedometer, web browser, climate controls, turn signal visual and sounds, navigation, autopilot notification...

6.5CVSS6.6AI score0.02605EPSS
Exploits2References2
Rows per page
Query Builder