Primary

Context

Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability

Vulnerability

Patched

A race condition vulnerability has been identified in the Iris modem of Tesla Model S vehicles, allowing network-adjacent attackers to bypass the firewall. This issue arises from the firewall service's failure to properly manage the xtables lock, enabling attackers to manipulate firewall rules. Notably, no authentication is required to exploit this vulnerability.

Impact

Exploitation of this vulnerability allows for unauthorized firewall rule manipulation, potentially leading to unauthorized network access or interference.

Remediation

This vulnerability has been fixed in Tesla firmware version 2024.2.3.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

0.6

exploitability

4.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

0.6

exploitability

4.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Tesla Model S

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating