Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tesla vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv3
CVE-2022-3093
This vulnerability allows physical malicious users to execute arbitrary code on affected Tesla vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ice_updater update mechanism. The issue results from the lack of proper valid...
Tesla Model 3 Firmware
Tesla Model S Firmware
Tesla Model X Firmware
Tesla Model Y Firmware
4.3
CVSSv3
CVE-2022-27948
Certain Tesla vehicles through 2022-03-26 allow malicious users to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor's perspective is that the behavior is as intended
Tesla Model 3 Firmware
Tesla Model S Firmware
Tesla Model X Firmware
5.3
CVSSv3
CVE-2022-37709
Tesla Model 3 V11.0(2022.4.5.1 6b701552d7a6) Tesla mobile app v4.23 is vulnerable to Authentication Bypass by spoofing. Tesla Model 3's Phone Key authentication is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows malicious users to open a door and drive ...
Tesla Model 3 Firmware 11.0
Tesla Tesla 4.23
6.5
CVSSv3
CVE-2020-15912
Tesla Model 3 vehicles allow malicious users to open a door by leveraging access to a legitimate key card, and then using NFC Relay. NOTE: the vendor has developed Pin2Drive to mitigate this issue
Tesla Model 3 Firmware -
7.8
CVSSv3
CVE-2022-42430
This vulnerability allows local malicious users to escalate privileges on affected Tesla vehicles. An attacker must first obtain the ability to execute privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...
Tesla Model 3 Firmware
8.8
CVSSv3
CVE-2019-9977
The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows malicious users to trigger firmware code execution, and display a crafted message to vehicle occupants.
Tesla Model 3 Firmware -
7.8
CVSSv3
CVE-2022-42431
This vulnerability allows local malicious users to escalate privileges on affected Tesla vehicles. An attacker must first obtain the ability to execute privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the bcmdhd driver. ...
Tesla Model 3 Firmware
6.5
CVSSv3
CVE-2020-29438
Tesla Model X vehicles prior to 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows malicious users to construct firmware that retrieves an unlock code from a secure enclave chip.
Tesla Model X Firmware
4.6
CVSSv3
CVE-2020-29439
Tesla Model X vehicles prior to 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module (BCM) to initiate a Bluetooth wake-up action. (The full VIN is visible from outside the vehicle.)
Tesla Model X Firmware
4.6
CVSSv3
CVE-2020-29440
Tesla Model X vehicles prior to 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). This allows an attacker (who is inside a vehicle, or is otherwise able to send data over the CAN bus) to start and drive th...
Tesla Model X Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »