CVE-2025-8321
BaseFortify
Publication date: 2025-07-30
Last updated on: 2025-08-12
Assigner: Zero Day Initiative
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tesla | wall_connector_firmware | to 24.44.3 (exc) |
| tesla | wall_connector | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1328 | Security-version number in hardware is mutable, resulting in the ability to downgrade (roll-back) the boot firmware to vulnerable code versions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8321 is a vulnerability in Tesla Wall Connector devices that allows attackers who are physically present to execute arbitrary code without needing authentication. The flaw is in the firmware upgrade feature, where there is no anti-downgrade mechanism. This means an attacker can downgrade the device firmware to an older, vulnerable version and then exploit it, potentially alongside other vulnerabilities, to run malicious code on the device. [1]
How can this vulnerability impact me? :
This vulnerability can have a significant impact by allowing attackers to execute arbitrary code on Tesla Wall Connector devices, affecting the confidentiality, integrity, and availability of the device. Since no authentication is required and the attack complexity is low, an attacker with physical access could compromise the device, potentially disrupting its operation or stealing sensitive information. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability requires physical presence to exploit and involves firmware downgrade on Tesla Wall Connector devices. Detection would involve physically inspecting the device firmware version to identify if it has been downgraded to a vulnerable version. There are no specific network detection commands provided. Commands to query the firmware version on the device, if available, could help detect if the firmware is outdated or downgraded, but no such commands are detailed in the provided resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include preventing unauthorized physical access to Tesla Wall Connector devices to stop attackers from exploiting the firmware downgrade vulnerability. Additionally, ensure the device firmware is updated to the latest version that addresses this vulnerability once a patch is available. Since the vulnerability exploits the lack of an anti-downgrade mechanism, avoid manually downgrading firmware versions. [1]