Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15912 | 1 Tesla | 2 Model 3, Model 3 Firmware | 2023-02-03 | 3.3 LOW | 6.5 MEDIUM |
| ** DISPUTED ** Tesla Model 3 vehicles allow attackers to open a door by leveraging access to a legitimate key card, and then using NFC Relay. NOTE: the vendor has developed Pin2Drive to mitigate this issue. | |||||
| CVE-2022-37709 | 1 Tesla | 3 Model 3, Model 3 Firmware, Tesla | 2022-09-23 | N/A | 5.3 MEDIUM |
| Tesla Model 3 V11.0(2022.4.5.1 6b701552d7a6) Tesla mobile app v4.23 is vulnerable to Authentication Bypass by spoofing. Tesla Model 3's Phone Key authentication is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to open a door and drive the car away by leveraging access to a legitimate Phone Key. | |||||
| CVE-2022-27948 | 1 Tesla | 6 Model 3, Model 3 Firmware, Model S and 3 more | 2022-04-05 | 3.3 LOW | 4.3 MEDIUM |
| ** DISPUTED ** Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor's perspective is that the behavior is as intended. | |||||
| CVE-2019-9977 | 1 Tesla | 2 Model 3, Model 3 Firmware | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows attackers to trigger firmware code execution, and display a crafted message to vehicle occupants. | |||||