Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip.
6.5CVSS
6.5AI Score
0.001EPSS
Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module (BCM) to initiate a Bluetooth wake-up action. (The full VIN is visible from outside the vehicle.)
4.6CVSS
4.9AI Score
0.001EPSS
Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). This allows an attacker (who is inside a vehicle, or is otherwise able to send data over the CAN bus) to start and drive the vehicle with a spoo...
4.6CVSS
4.7AI Score
0.001EPSS