Vulnerability Description
The driving interface of Tesla Model 3 vehicles in any release before 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows attackers to disable the speedometer, web browser, climate controls, turn signal visual and sounds, navigation, autopilot notifications, along with other miscellaneous functions from the main screen.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tesla | Model 3 Web Interface | < 2020.4.10 |
References
- https://cylect.io/blog/Tesla_Model_3_Vuln/ExploitThird Party Advisory
- https://safekeepsecurity.com/about/cve-2020-10558/ExploitThird Party Advisory
- https://cylect.io/blog/Tesla_Model_3_Vuln/ExploitThird Party Advisory
- https://safekeepsecurity.com/about/cve-2020-10558/ExploitThird Party Advisory
FAQ
What is CVE-2020-10558?
CVE-2020-10558 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The driving interface of Tesla Model 3 vehicles in any release before 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows attackers to disable the speedometer,...
How severe is CVE-2020-10558?
CVE-2020-10558 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-10558?
Check the references section above for vendor advisories and patch information. Affected products include: Tesla Model 3 Web Interface.