Back to search
CVE-2022-37709
Published: Sep 16, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
Tesla Model 3 V11.0(2022.4.5.1 6b701552d7a6) Tesla mobile app v4.23 is vulnerable to Authentication Bypass by spoofing. Tesla Model 3's Phone Key authentication is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to open a door and drive the car away by leveraging access to a legitimate Phone Key.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://github.com/fmsh-seclab/TesMla
x_refsource_MISC
https://youtu.be/cPhYW5FzA9A
x_refsource_MISC
https://fmsh-seclab.github.io/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now