Privilege Escalation Flaw in Tesla Vehicles Due to Driver Validation Issue
CVE-2022-42431

8.8HIGH

Key Information:

Vendor: Tesla
Status: Model 3
Vendor: CVE Published:; 29 March 2023

What is CVE-2022-42431?

This vulnerability allows local attackers to escalate privileges on Tesla vehicles by exploiting a flaw in the bcmdhd driver. The issue arises from inadequate validation of user-supplied data length, allowing an attacker to execute arbitrary code with root privileges after obtaining the ability to execute privileged code on the system. Proper precautions and security measures are essential to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Model 3 Model 3 Infotainment 2022.12.22

References

https://www.zerodayinitiative.com/advisories/ZDI-22-1407/

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Mar 29, 2023
Vulnerability Reserved
Oct 3, 2022

Credit

Vincent DEHORS of @Synacktiv

JSON

Tesla

What is CVE-2022-42431?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.