Описание
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip.
Ссылки
- ExploitPress/Media CoverageThird Party Advisory
- ExploitPress/Media CoverageThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2020-11-23 (исключая)
Одновременно
cpe:2.3:o:tesla:model_x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tesla:model_x:-:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00086
Низкий
6.5 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-347
Связанные уязвимости
github
больше 3 лет назад
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip.
EPSS
Процентиль: 25%
0.00086
Низкий
6.5 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-347