CVE-2023-32156

Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in order to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results from improper error-handling during the update process. An attacker can leverage this vulnerability to execute code in the context of Tesla's Gateway ECU. . Was ZDI-CAN-20734.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.zerodayinitiative.com/advisories/ZDI-23-972/	Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-23-972/	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:tesla:model_3_firmware:2023.6:*:*:*:*:*:*:*

cpe:2.3:h:tesla:model_3:-:*:*:*:*:*:*:*

History

13 Aug 2025, 12:44

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~9.0~~	v2 : unknown v3 : 8.8
CPE		cpe:2.3:h:tesla:model_3:-:::::::* cpe:2.3:o:tesla:model_3_firmware:2023.6:::::::*
CWE		NVD-CWE-noinfo
First Time		Tesla model 3 Tesla model 3 Firmware Tesla
References	~~() https://www.zerodayinitiative.com/advisories/ZDI-23-972/ -~~	() https://www.zerodayinitiative.com/advisories/ZDI-23-972/ - Third Party Advisory

Information

Published : 2024-05-03 02:15

Updated : 2025-08-13 12:44

NVD link : CVE-2023-32156

Mitre link : CVE-2023-32156

CVE.ORG link : CVE-2023-32156

JSON object : View

Products Affected

tesla

model_3
model_3_firmware

CWE

CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

NVD-CWE-noinfo

{"id": "CVE-2023-32156", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "zdi-disclosures@trendmicro.com", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 9.0, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.3}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-05-03T02:15:20.353", "references": [{"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-972/", "tags": ["Third Party Advisory"], "source": "zdi-disclosures@trendmicro.com"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-972/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "zdi-disclosures@trendmicro.com", "description": [{"lang": "en", "value": "CWE-367"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in order to exploit this vulnerability.\n\nThe specific flaw exists within the handling of firmware updates. The issue results from improper error-handling during the update process. An attacker can leverage this vulnerability to execute code in the context of Tesla's Gateway ECU.\n. Was ZDI-CAN-20734."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de validaci\u00f3n de firma de firmware de puerta de enlace Tesla Model 3. Esta vulnerabilidad permite a atacantes adyacentes a la red ejecutar c\u00f3digo arbitrario en los veh\u00edculos Tesla Model 3 afectados. Un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo privilegiado en el sistema de informaci\u00f3n y entretenimiento de Tesla para poder explotar esta vulnerabilidad. La falla espec\u00edfica existe en el manejo de actualizaciones de firmware. El problema se debe a un manejo inadecuado de errores durante el proceso de actualizaci\u00f3n. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de la ECU Gateway de Tesla. Era ZDI-CAN-20734."}], "lastModified": "2025-08-13T12:44:13.323", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:tesla:model_3_firmware:2023.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D214E54-F9A5-4E96-BC85-C86DD869D122"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:tesla:model_3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "825A79FD-C872-4564-9782-83BEEADDF5D9"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "zdi-disclosures@trendmicro.com"}