#VU115223 Improper Neutralization of Special Elements in Output Used by a Downstream Component in Tesla Model 3 - CVE-2025-6785

 


Published: September 16, 2025


Vulnerability identifier: #VU115223
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-6785
CWE-ID: CWE-74
Exploitation vector: Local access
Exploit availability: No public exploit available
Vulnerable software: Tesla Model 3
Software vendor: Tesla

Description

The vulnerability allows a local attacker to compromise the target system.

The vulnerability exists due to a CAN bus injection issue. An attacker with physical access can inject malicious CAN messages and control essential vehicle functions.


Remediation

Install updates from the vendor's website.
