- Description
- Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the VCSEC module. By manipulating the certificate response sent from the Tire Pressure Monitoring System (TPMS), an attacker can trigger an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the VCSEC module and send arbitrary messages to the vehicle CAN bus. Was ZDI-CAN-23800.
- Source
- zdi-disclosures@trendmicro.com
- NVD status
- Awaiting Analysis
CVSS 3.0
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 5.9
- Exploitability score
- 1.6
- Vector string
- CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- zdi-disclosures@trendmicro.com
- CWE-190
- Hype score
- Not currently trending
CVE-2025-2082 - In Tesla Model 3, a VCSEC Integer Overflow in the Tire Pressure Monitoring System (TPMS) can allow remote code execution and unauthorized CAN bus control. "0-click RCE on Tesla Model 3 through TPMS Sensors" [PDF] https://t.co/PL0Gph0grs
@johntroony
12 May 2025
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Running code on Tesla security ECU from tire: details on new CVE-2025-2082 vulnerability. 🛞 🔀 🚗 💥 Link to post: https://t.co/JjKX3vpOmw https://t.co/o2duCYZpuu
@it4sec
7 May 2025
1222 Impressions
10 Retweets
31 Likes
12 Bookmarks
0 Replies
0 Quotes
📌 Critical vulnerability CVE-2025-2082 found in Tesla Model 3, allowing nearby attackers to execute arbitrary code via TPMS. Discovered by Synacktiv at Pwn2Own Vancouver 2024. #CyberSecurity #Tesla https://t.co/YyC39su9dE https://t.co/2HnW1K3Gsx
@CyberHub_blog
6 May 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Tesla Model 3 ranjivost (CVE-2025-2082) https://t.co/1PFrvf03P5 #automotivecybersecuritymatters #firmwareupgradenow #model3ownersbeaware #model3security #remotecodeexecutionrisk #teslacompromise #teslavulnerability #vcsecfixnow
@SajberInfoBlog
5 May 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
برای ماشین های تسلا مدل Tesla’s Model 3 آسیب پذیری با کد شناسایی CVE-2025-2082 منتشر شده است. آسیب پذیری مربوط به فریمور این مدل از ماشین ها می باشد ، فریمور نسخه 2024.1
@AmirHossein_sec
4 May 2025
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-2082 🔴 HIGH (7.5) 🏢 Tesla - Model 3 🏗️ 2024.8 🔗 https://t.co/IT3hmPg9mG #CyberCron #VulnAlert #InfoSec https://t.co/tNHuujCeW2
@cybercronai
2 May 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【車の脆弱性】Tesla Model 3に遠隔コード実行の脆弱性。CVE-2025-2082はCVSSスコア7.5で、隣接ネットワークからVCSECモジュール上で任意のコードを実行可能なもの。ファームウェアバージョン2024.12で修正。ハッキン
@__kokumoto
1 May 2025
1111 Impressions
1 Retweet
14 Likes
2 Bookmarks
0 Replies
0 Quotes