7 matches found
CVE-2022-27948
The CVE-2022-27948 entry concerns certain Tesla vehicles through 2022-03-26 where a 315 MHz RF signal containing a fixed sequence of about one hundred symbols can be used to open the charging port. The vulnerability is framed around wireless access to the charging port via a specific RF payload; ...
CVE-2024-6032
CVE-2024-6032. Concrete details across connected sources show a local command-injection in Tesla Model S Iris Modem via the ql_atfwd process. The flaw stems from inadequate validation of a user-supplied string used to form a system call, allowing an attacker with code execution on the target to r...
CVE-2024-6029
CVE-2024-6029 concerns the Tesla Model S Iris Modem firewall, where a race-condition flaw in the firewall service arises from a failure to obtain the xtables lock. This vulnerability allows network-adjacent attackers to bypass firewall rules without authentication. The issue is documented across ...
CVE-2024-13943
CVE-2024-13943 describes a local sandbox-escape vulnerability in the Tesla Model S Iris Modem, specifically within the QCMAP_ConnectionManager. The flaw allows a low-privilege local attacker to exploit improper input validation to assign LAN addresses to the WWAN, enabling access to network servi...
CVE-2024-6031
CVE-2024-6031 affects Tesla Model S oFono via a heap-based buffer overflow in AT command response parsing. The root cause is improper validation of the length of user-supplied data before copying to a heap buffer, enabling a local attacker who can execute code on the target modem to run arbitrary...
CVE-2024-6030
CVE-2024-6030 affects Tesla Model S, specifically the oFono process. The vulnerability enables local attackers to escape the device sandbox by abusing oFono to modify interfaces, thereby bypassing the iptables network sandbox. An exploit would require the attacker to execute code within the sandb...
CVE-2022-3093
The CVE-2022-3093 issue is a Tesla ice_updater firmware-update vulnerability where improper validation of user-supplied firmware allows a physical attacker to execute arbitrary code with root privileges. Multiple sources (ZDI advisory ZDI-22-1188 and Red Hat/CVEs) describe a TOCTOU‑style control ...