30 matches found
EUVD-2020-21811
Malware in sbrugna...
EUVD-2020-21813
Malware in sbrugna...
EUVD-2020-21812
Malware in sbrugna...
CVE-2020-29438
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...
CVE-2020-29439
Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module BCM to initiate a Bluetooth wake-up action. The full VIN is visible from outside the vehicle...
CVE-2020-29440
Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module BCM. This allows an attacker who is inside a vehicle, or is otherwise able to send data over the CAN bus to start and drive the vehicle with a spoofe...
CVE-2020-29440
Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module BCM. This allows an attacker who is inside a vehicle, or is otherwise able to send data over the CAN bus to start and drive the vehicle with a spoofe...
CVE-2020-29440
Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module BCM. This allows an attacker who is inside a vehicle, or is otherwise able to send data over the CAN bus to start and drive the vehicle with a spoofe...
CVE-2020-29439
Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module BCM to initiate a Bluetooth wake-up action. The full VIN is visible from outside the vehicle...
CVE-2020-29439
Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module BCM to initiate a Bluetooth wake-up action. The full VIN is visible from outside the vehicle...
CVE-2020-29438
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...
CVE-2020-29438
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...
Input validation
Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module BCM to initiate a Bluetooth wake-up action. The full VIN is visible from outside the vehicle...
Code injection
Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module BCM. This allows an attacker who is inside a vehicle, or is otherwise able to send data over the CAN bus to start and drive the vehicle with a spoofe...
CVE-2020-29438
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...
CVE-2020-29438
CVE-2020-29438 affects Tesla Model X key fob firmware prior to 2020-11-23. The vulnerability arises because key fobs accept firmware updates without signature verification, enabling an attacker to craft firmware that retrieves an unlock code from a secure enclave chip. Documents consistently desc...
CVE-2020-29439
The CVE-2020-29439 entry concerns Tesla Model X vehicles manufactured before 2020-11-23, where key fobs use only the first five VIN digits for the authentication needed by a body control module (BCM) to initiate a Bluetooth wake-up action. The full VIN is visible from outside the vehicle, which i...
CVE-2020-29439
Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module BCM to initiate a Bluetooth wake-up action. The full VIN is visible from outside the vehicle...
CVE-2020-29440
Tesla Model X vehicles before 2020-11-23 are affected by CVE-2020-29440, where the system does not perform certificate validation when pairing a new key fob with the Body Control Module (BCM). This allows an attacker who is inside the vehicle or can send data over the CAN bus to start and drive t...
CVE-2020-29440
Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module BCM. This allows an attacker who is inside a vehicle, or is otherwise able to send data over the CAN bus to start and drive the vehicle with a spoofe...