Vulnerabilities (CVE)

Filtered by vendor Tesla Subscribe
Filtered by product Model Y
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3093 1 Tesla 8 Model 3, Model 3 Firmware, Model S and 5 more 2024-02-28 N/A 6.4 MEDIUM
This vulnerability allows physical attackers to execute arbitrary code on affected Tesla vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ice_updater update mechanism. The issue results from the lack of proper validation of user-supplied firmware. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-17463.