Vulnerability Details CVE-2024-6029
Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass the firewall on the Iris modem in affected Tesla Model S vehicles. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the firewall service. The issue results from a failure to obtain the xtables lock. An attacker can leverage this vulnerability to bypass firewall rules. Was ZDI-CAN-23197.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.0%
CVSS Severity
CVSS v3 Score 5.0
Products affected by CVE-2024-6029
-
cpe:2.3:h:tesla:model_s:-
-
cpe:2.3:o:tesla:model_s_firmware:-
-
cpe:2.3:o:tesla:model_s_firmware:2022-03-26
-
cpe:2.3:o:tesla:model_s_firmware:2022.16.0.3