CVE-2024-6029

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/04/2025
Last modified:
02/05/2025

Description

Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass the firewall on the Iris modem in affected Tesla Model S vehicles. Authentication is not required to exploit this vulnerability.<br /> <br /> The specific flaw exists within the firewall service. The issue results from a failure to obtain the xtables lock. An attacker can leverage this vulnerability to bypass firewall rules. Was ZDI-CAN-23197.

References to Advisories, Solutions, and Tools