Stack Overflow Vulnerability in Marvell Wi-Fi Firmware for Tesla Vehicles
CVE-2019-13582

9.8CRITICAL

Key Information:

Vendor: Marvell
Status: 88w8688 Firmware
Vendor: CVE Published:; 15 November 2019

What is CVE-2019-13582?

An identified vulnerability in Marvell's 88W8688 Wi-Fi firmware affects Tesla Model S and Model X vehicles manufactured before March 2018. This issue, arising through the integrated Parrot Faurecia Automotive FC6050W module, can lead to a stack overflow. The exploitation of this vulnerability has the potential to cause denial of service, resulting in system instability or disruption, or may allow for arbitrary code execution, which could threaten the integrity and confidentiality of the vehicle's network.

References

https://www.marvell.com/documents/ioaj5dntk2ubykssa78s/

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 15, 2019
Vulnerability Reserved
Jul 13, 2019