Primary

Context

Tesla Model S Iris Modem QCMAP Connection Manager Improper Input Validation Sandbox Escape Vulnerability

Vulnerability

Patched

A sandbox escape vulnerability has been identified in the QCMAP_ConnectionManager component of the Tesla Model S Iris Modem. This vulnerability allows local attackers to escape the sandbox environment on affected vehicles. To exploit this vulnerability, an attacker must first gain the ability to execute low-privileged code on the target system. Once this is achieved, the vulnerability can be leveraged to assign LAN addresses to the WWAN, potentially allowing access to network services intended only for the internal LAN.

Impact

Exploitation of this vulnerability could lead to unauthorized access to internal network services by escaping the sandbox environment and manipulating network address assignments.

Remediation

This vulnerability has been fixed in Tesla Firmware Version 2024.8.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tesla Model S Iris Modem QCMAP Connection Manager Improper Input Validation Sandbox Escape Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Tesla Model S

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating