{"vulnerability": "CVE-2020-29440", "sightings": [{"uuid": "be643f8d-8d1c-413a-9dcb-876c1b234b68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29440", "type": "seen", "source": "https://t.me/cibsecurity/16955", "content": "\u203c CVE-2020-29440 \u203c\n\nTesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). This allows an attacker (who is inside a vehicle, or is otherwise able to send data over the CAN bus) to start and drive the vehicle with a spoofed key fob.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-01T00:53:26.000000Z"}]}