CVE-2025-8321

EUVD-2025-23137

30.07.2025, 01:15

Tesla Wall Connector Firmware Downgrade Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Tesla Wall Connector devices. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the firmware upgrade feature. The issue results from the lack of an anti-downgrade mechanism. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the device. Was ZDI-CAN-26299.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	6.8 MEDIUM	PHYSICAL	LOW	NONE	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
zdi	CNA	6.8 MEDIUM				CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 16%

Affected Products (NVD)

Vendor	Product	Version
tesla	wall_connector_firmware	𝑥 < 24.44.3

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-1328 - Security Version Number Mutable to Older Versions
Security-version number in hardware is mutable, resulting in the ability to downgrade (roll-back) the boot firmware to vulnerable code versions.

References

https://www.zerodayinitiative.com/advisories/ZDI-25-712/