CVE-2020-29440 - Vulnerability Details - OpenCVE

Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). This allows an attacker (who is inside a vehicle, or is otherwise able to send data over the CAN bus) to start and drive the vehicle with a spoofed key fob.

No CVSS v4.0

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Tesla	Model X Model X Firmware

Configuration 1 [-]

AND

cpe:2.3:o:tesla:model_x_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:tesla:model_x:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.wired.com/story/tesla-model-x-hack-bluetooth/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-11-30T21:23:12

Updated: 2024-08-04T16:55:09.684Z

Reserved: 2020-11-30T00:00:00

Link: CVE-2020-29440

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-11-30T22:15:11.010

Modified: 2024-11-21T05:24:00.523

Link: CVE-2020-29440

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). This allows an attacker (who is inside a vehicle, or is otherwise able to send data over the CAN bus) to start and drive the vehicle with a spoofed key fob."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-11-30T21:23:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.wired.com/story/tesla-model-x-hack-bluetooth/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2020-29440", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). This allows an attacker (who is inside a vehicle, or is otherwise able to send data over the CAN bus) to start and drive the vehicle with a spoofed key fob."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.wired.com/story/tesla-model-x-hack-bluetooth/", "refsource": "MISC", "url": "https://www.wired.com/story/tesla-model-x-hack-bluetooth/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T16:55:09.684Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.wired.com/story/tesla-model-x-hack-bluetooth/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2020-29440", "datePublished": "2020-11-30T21:23:12", "dateReserved": "2020-11-30T00:00:00", "dateUpdated": "2024-08-04T16:55:09.684Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tesla:model_x_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F6172D4-78B1-451A-A1CD-D83E8514C3F6", "versionEndExcluding": "2020-11-23", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:tesla:model_x:-:*:*:*:*:*:*:*", "matchCriteriaId": "C550FF8A-58ED-4265-B33F-10AFDEA95519", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). This allows an attacker (who is inside a vehicle, or is otherwise able to send data over the CAN bus) to start and drive the vehicle with a spoofed key fob."}, {"lang": "es", "value": "Los veh\u00edculos Tesla Model X anterior al 23-11-2020 no realizan la comprobaci\u00f3n del certificado durante un intento de emparejar un nuevo llavero con el m\u00f3dulo de control de carrocer\u00eda (BCM). Esto permite a un atacante (que se encuentra dentro de un veh\u00edculo, o que puede enviar datos por medio del bus CAN) arrancar y conducir el veh\u00edculo con un llavero falso"}], "id": "CVE-2020-29440", "lastModified": "2024-11-21T05:24:00.523", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-11-30T22:15:11.010", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Press/Media Coverage", "Third Party Advisory"], "url": "https://www.wired.com/story/tesla-model-x-hack-bluetooth/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Press/Media Coverage", "Third Party Advisory"], "url": "https://www.wired.com/story/tesla-model-x-hack-bluetooth/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "nvd@nist.gov", "type": "Primary"}]}