Skip to main content

Model X Firmware

4 CVEs product

Monthly

CVE-2022-27948 MEDIUM POC This Month

Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Model 3 Firmware Model S Firmware Model X Firmware
NVD GitHub
CVSS 3.1
4.3
EPSS
1.4%
CVE-2020-29440 MEDIUM POC This Month

Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Model X Firmware
NVD
CVSS 3.1
4.6
EPSS
0.2%
CVE-2020-29439 MEDIUM POC This Month

Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module (BCM) to initiate a Bluetooth wake-up action. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Model X Firmware
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2020-29438 MEDIUM POC This Month

Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Jwt Attack Information Disclosure Model X Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
EPSS 1% CVSS 4.3
MEDIUM POC This Month

Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Model 3 Firmware Model S Firmware +1
NVD GitHub
EPSS 0% CVSS 4.6
MEDIUM POC This Month

Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Model X Firmware
NVD
EPSS 0% CVSS 4.6
MEDIUM POC This Month

Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module (BCM) to initiate a Bluetooth wake-up action. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Model X Firmware
NVD
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Jwt Attack Information Disclosure Model X Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy