A critical vulnerability in Tesla Model 3 vehicles, tracked as CVE-2025-2082, allowed attackers to execute arbitrary code remotely by exploiting the car’s tire pressure monitoring system (TPMS).
Discovered by researchers from Synacktiv at Pwn2Own Vancouver 2024, the flaw enabled unauthorized control over critical vehicle functions without user interaction.
How the Vulnerability Works
The exploit targets the Vehicle Controller Secondary (VCSEC) module, which manages TPMS communications, door locks, and startup procedures.
Attackers could manipulate the certificate authentication process during TPMS sensor pairing, triggering an integer overflow in the VCSEC’s memory.
This flaw allowed malicious code execution, potentially enabling attackers to send arbitrary commands to the vehicle’s Controller Area Network (CAN) bus-a system governing functions like acceleration and braking.
Key technical factors include:
- Zero-Click Exploit: No user interaction required, as the TPMS automatically processes data.
- Memory Configuration: The VCSEC’s memory was marked as readable, writable, and executable (RWX), bypassing modern security safeguards.
- Attack Vector: Network-adjacent attackers could exploit the flaw via Bluetooth-enabled TPMS sensors in newer Model 3 vehicles.
Impact and Remediation
Successful exploitation could lead to vehicle theft, unauthorized access, or disruption of safety-critical systems. Tesla addressed the issue in Firmware Version 2024.14, released in April 2025.
The vulnerability scored a CVSS 7.5 (High severity), with risks mitigated by its network-adjacent attack requirement.
Disclosure Timeline
- March 28, 2024: Vulnerability reported to Tesla.
- April 30, 2025: Public advisory released via Zero Day Initiative (ZDI).
Security experts emphasize the growing importance of securing automotive systems, particularly as vehicles adopt more wireless interfaces.
Synacktiv researchers Thomas Imbert, Vincent Dehors, and David Berard were credited with the discovery.
This incident underscores the challenges in securing complex vehicle ecosystems, where a single component-like the TPMS-can serve as a gateway for broader system compromise.
Tesla’s rapid response highlights the auto industry’s increasing reliance on coordinated vulnerability disclosure programs to address emerging threats.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant updates
%20(1).webp?w=1200&resize=1200,0&ssl=1&description=Discovered by researchers from Synacktiv at Pwn2Own Vancouver 2024, the flaw enabled unauthorized control over critical vehicle functions without user interaction.){kind=link}