Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability
Vulnerability Description
Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the VCSEC module. By manipulating the certificate response sent from the Tire Pressure Monitoring System (TPMS), an attacker can trigger an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the VCSEC module and send arbitrary messages to the vehicle CAN bus. Was ZDI-CAN-23800.
CVSS Information
N/A
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
Tesla Model 3 输入验证错误漏洞
Vulnerability Description
Tesla Model 3是美国特斯拉(Tesla)公司的一款电动汽车。 Tesla Model 3存在输入验证错误漏洞,该漏洞源于VCSEC模块整数溢出,可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A