Buffer overflow in Tesla Model 3 - CVE-2022-42431

 

Buffer overflow in Tesla Model 3 - CVE-2022-42431

Published: October 10, 2022


Vulnerability identifier: #VU68085
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-42431
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Tesla
Affected software:
Tesla Model 3

Detailed vulnerability description

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the bcmdhd driver. A local user can trigger memory corruption and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


How to mitigate CVE-2022-42431

Install updates from vendor's website.

Sources