ZDI-CAN-23200: (Pwn2Own) Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability
First published: Wed Apr 30 2025(Updated: )
This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this vulnerability. The specific flaw exists within the oFono process. The process allows an attacker to modify interfaces. An attacker can leverage this vulnerability to bypass the iptables network sandbox.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tesla Model S Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-CAN-23200?
The severity of ZDI-CAN-23200 is considered high due to its potential impact on vehicle security.
How do I fix ZDI-CAN-23200?
To fix ZDI-CAN-23200, Tesla recommends updating the firmware of the affected Model S vehicles to the latest version.
Who is affected by ZDI-CAN-23200?
ZDI-CAN-23200 affects Tesla Model S vehicles that are running vulnerable firmware.
What does ZDI-CAN-23200 allow an attacker to do?
ZDI-CAN-23200 allows local attackers to escape the sandbox environment on affected Tesla Model S vehicles.
What is required to exploit ZDI-CAN-23200?
An attacker must first have the ability to execute code within the sandbox on the target Tesla Model S to exploit ZDI-CAN-23200.
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-25-263
- alias/ZDI-CAN-23200
- alias/CVE-2024-6030
- agent/software-canonical-lookup
- agent/title
- agent/source
- agent/severity
- agent/softwarecombine
- agent/type
- collector/zdi-published
- agent/last-modified-date
- agent/tags
- agent/description
- agent/references
- agent/first-publish-date
- agent/event
- vendor/tesla
- canonical/tesla model s firmware