CVE-2020-10558

The driving interface of Tesla Model 3 vehicles in any release before 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows attackers to disable the speedometer, web browser, climate controls, turn signal visual and sounds, navigation, autopilot notifications, along with other miscellaneous functions from the main screen.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
VendorProductVersion
teslamodel_3_web_interface
𝑥
< 2020.4.10
𝑥
= Vulnerable software versions
References
https://cylect.io/blog/Tesla_Model_3_Vuln/
https://safekeepsecurity.com/about/cve-2020-10558/
https://cylect.io/blog/Tesla_Model_3_Vuln/
https://safekeepsecurity.com/about/cve-2020-10558/