GHSA-PRXJ-3GCV-CQRH Tesla Fleet Telemetry allows spoofing telemetry for arbitrary vehicles via compromised vehicle credentials
Summary A vulnerability in vehicle authentication allows threat actor with valid client credentials i.e., a private key and certificate from a rooted infotainment system to impersonate arbitrary VINs when authenticating to the telemetry server. Impact The attacker would be able to submit falsifie...