Vulnerability Description
Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor's perspective is that the behavior is as intended
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tesla | Model 3 Firmware | <= 2022-03-26 |
| Tesla | Model S Firmware | <= 2022-03-26 |
| Tesla | Model X Firmware | <= 2022-03-26 |
| Tesla | Model 3 | - |
| Tesla | Model S | - |
| Tesla | Model X | - |
Related Weaknesses (CWE)
References
- https://github.com/pompel123/Tesla-Charging-Port-OpenerThird Party Advisory
- https://twitter.com/IfNotPike/status/1507818836568858631Third Party Advisory
- https://twitter.com/IfNotPike/status/1507852693699661827ExploitThird Party Advisory
- https://github.com/pompel123/Tesla-Charging-Port-OpenerThird Party Advisory
- https://twitter.com/IfNotPike/status/1507818836568858631Third Party Advisory
- https://twitter.com/IfNotPike/status/1507852693699661827ExploitThird Party Advisory
FAQ
What is CVE-2022-27948?
CVE-2022-27948 is a vulnerability with a CVSS score of 7.2 (HIGH). Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor's perspec...
How severe is CVE-2022-27948?
CVE-2022-27948 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-27948?
Check the references section above for vendor advisories and patch information. Affected products include: Tesla Model 3 Firmware, Tesla Model S Firmware, Tesla Model X Firmware, Tesla Model 3, Tesla Model S.