CVE-2020-10558

MEDIUM

Tesla Model 3 <2020.4.10 - DoS

Title source: llm

Description

The driving interface of Tesla Model 3 vehicles in any release before 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows attackers to disable the speedometer, web browser, climate controls, turn signal visual and sounds, navigation, autopilot notifications, along with other miscellaneous functions from the main screen.

Exploits (3)

nomisec WRITEUP 14 stars

by nullze · poc

https://github.com/nullze/CVE-2020-10558

View Code ZIP pw:eip

nomisec STUB

by AmazingOut · poc

https://github.com/AmazingOut/Tesla-CVE-2020-10558

View Code ZIP pw:eip

inthewild WRITEUP

poc

https://github.com/nuzzl/cve-2020-10558

View Code ZIP pw:eip

References (2)

[Exploit, Third Party Advisory] https://cylect.io/blog/Tesla_Model_3_Vuln/

[Exploit, Third Party Advisory] https://safekeepsecurity.com/about/cve-2020-10558/

Scores

CVSS v3 6.5

EPSS 0.3348

EPSS Percentile 96.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

Status published

Products (1)

tesla/model_3_web_interface < 2020.4.10

Published Mar 20, 2020

Tracked Since Feb 18, 2026