Tuesday, December 1, 2020
CVE-2020-29438
nist.gov
In: nist.gov
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip. CVE-2020-29438