CVE-2024-6029

Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass the firewall on the Iris modem in affected Tesla Model S vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firewall service. The issue results from a failure to obtain the xtables lock. An attacker can leverage this vulnerability to bypass firewall rules. Was ZDI-CAN-23197.

CVSS v3 5.0 MEDIUM

5.0^/10

CVSS v3 : MEDIUM

V3 Legend

Vector : AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Exploitability : 1.6 / Impact : 3.4

Attack Vector ADJACENT_NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.zerodayinitiative.com/advisories/ZDI-25-260/

Configurations

No configuration.

History

02 May 2025, 13:53

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de elusión del firewall en condiciones de ejecución del módem Iris del Tesla Model S. Esta vulnerabilidad permite a atacantes adyacentes a la red eludir el firewall del módem Iris en los vehículos Tesla Model S afectados. No se requiere autenticación para explotar esta vulnerabilidad. La falla específica existe en el servicio de firewall. El problema se debe a un fallo al obtener el bloqueo de xtables. Un atacante puede aprovechar esta vulnerabilidad para eludir las reglas del firewall. Anteriormente, se denominaba ZDI-CAN-23197.

30 Apr 2025, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-30 20:15

Updated : 2025-05-02 13:53

NVD link : CVE-2024-6029

Mitre link : CVE-2024-6029

CVE.ORG link : CVE-2024-6029

JSON object : View

Products Affected

No product.

CWE

CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition

5.0 /10