CVE-2023-32156

Name of the Vulnerable Software and Affected Versions Tesla Model 3 (affected versions not specified)

Description This issue allows network-adjacent attackers to execute arbitrary code on affected vehicles. The flaw exists within the handling of firmware updates, resulting from improper error-handling during the update process. An attacker can leverage this issue to execute code in the context of Tesla's Gateway ECU. The attacker must first obtain the ability to execute privileged code on the Tesla infotainment system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.