❤️ Running code on Tesla security ECU from tire: dlDetails on new CVE-2025-2082 vulnerability.
Security researchers Thomas Imbert, Vincent Dehors, and David Bérard found and responsibly disclosed recently a remote code execution (RCE) vulnerability in Tesla’s VCSEC ECU.
Technical overview: By manipulating the response sent from the Tire Pressure Monitoring System (TPMS), an attacker can trigger an integer overflow and execute code in the context of the VCSEC module. This gives the attacker the ability to send arbitrary messages to the vehicle’s CAN bus.
More details: “0-click RCE on Tesla Model 3 through TPMS Sensors” [PDF]:
https://www.synacktiv.com/sites/default/files/2024-10/hexacon_0_click_rce_on_tesla_model_3_through_tpms_sensors_light.pdf
Advisory: https://www.zerodayinitiative.com/advisories/ZDI-25-265/
Under Pressure: Exploring a Zero-Click RCE Vulnerability in Tesla’s TPMS:
https://vicone.com/blog/under-pressure-exploring-a-zero-click-rce-vulnerability-in-teslas-tpms