GCVE - cpe:2.3:o:tesla:model_3_firmware:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:tesla:model_3_firmware:-:*:*:*:*:*:*:*

part: o version: - update: *

Vendor	Tesla (`559dd2d7-3b10-56d2-98ee-68e9ad8fd3b4`)
Product	Model 3 Firmware (`c65ed0ff-b055-5f3b-8b0d-53d038b376a8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-32155`	vulnerable	2026-06-03 14:51:57.719886	Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability HIGH (7.8) Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute code on the wifi subsystem in order to exploit this vulnerability. The specific flaw exists within the bcmdhd driver. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. . Was ZDI-CAN-20733. Published: 2024-05-03T01:56:38.175Z Updated: 2024-09-18T18:28:20.625Z Open on db.gcve.eu Reference links https://www.zerodayinitiative.com/advisories/ZDI-23-971/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-15912`	vulnerable	2026-06-03 14:41:46.982804	Details available Tesla Model 3 vehicles allow attackers to open a door by leveraging access to a legitimate key card, and then using NFC Relay. NOTE: the vendor has developed Pin2Drive to mitigate this issue Published: 2020-07-23T14:40:19.000Z Updated: 2024-08-04T13:30:23.305Z Open on db.gcve.eu Reference links https://cansecwest.com/post/2020-03-09-22:00:00_2020_Speakers https://www.youtube.com/watch?v=kQWg-Ywv3S4 https://www.youtube.com/watch?v=VYKsfgox-bs https://twitter.com/Kevin2600/status/1218892338182836224 https://www.youtube.com/watch?v=nn-_3AbtEkI	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2019-9977`	vulnerable	2026-06-03 14:40:50.274516	Details available The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows attackers to trigger firmware code execution, and display a crafted message to vehicle occupants. Published: 2019-03-24T13:39:42.000Z Updated: 2024-08-04T22:10:08.945Z Open on db.gcve.eu Reference links https://twitter.com/thezdi/status/1109218603251859456 https://www.zdnet.com/article/tesla-car-hacked-at-pwn2own-contest/ http://www.securityfocus.com/bid/107551	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.