Tesla Unspecified Arbitrary Code Execution Vulnerability

Tesla Model 3 is prone to an unspecified arbitrary code-execution vulnerability.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected device.

Information

Bugtraq ID: 107551
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2019-9977

Remote: No
Local: Yes
Published: Mar 23 2019 12:00AM
Updated: Mar 23 2019 12:00AM
Credit: Amat Cama, and Richard Zhu of Fluoroacetate
Vulnerable: Tesla Model 3 0

Not Vulnerable:

Exploit

Exploitation of this issue was demonstrated at the Pwn2own contest, but the exploit is not publicly available.

References:

Tesla car hacked at Pwn2Own contest (CBS Interactive)
Tesla Home Page (Tesla)
Tesla Model 3 (Tesla)

Source: www.securityfocus.com

Exploit Collector

Search Exploit