216.73.216.170

CVE-2024-6030

· Published 30/04/2025 20:15 · Modified 30/04/2025 20:15

Labels: CVE-2024-6030 2025-04-30CVE-2024-6030CWE-250[email protected]

Essential information

Published
30/04/2025 20:15
Modified
30/04/2025 20:15
Author
Creator
CVSS
7.0 HIGH (v3.0)
CISA KEV
No
CWE
CVSS vector
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS metrics

Description

Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this vulnerability. The specific flaw exists within the oFono process. The process allows an attacker to modify interfaces. An attacker can leverage this vulnerability to bypass the iptables network sandbox. Was ZDI-CAN-23200.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
tesla / model s cpe:2.3:a:tesla:model_s:*:*:*:*:*:*:*:tesla:model_s:*:*

References