{"uuid": "c48aa97c-8321-4b1f-a960-4dfd85d18e3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-6418", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/24", "content": "ELECTRIC CHROME - CVE-2020-6418 on Tesla Model 3\n\n@HawaiiFive0day got RCE on his brand new Tesla due to chrome's patch gap via porting an @Exodusintel google chrome exploit. A sandbox escape is in the works!\n\nContents:\n\u2022 Identifying and building the vulnerable V8\n\u2022 Sidebar: Changing commits\n\u2022 Running the exploit\n\u2022 Why doesn\u2019t it work?\n\u2022 Troubleshooting with git bisect\n\u2022 Pointer Compression\n\u2022 Starting from scratch\n\u2022 Building fakeobj\n\u2022 Expanding to arbitrary read/write\n\u2022 Disassembling a JIT-compiled function, with a surprise\n\u2022 Running shellcode via WebAssembly\n\u2022 Further Improvements\n\u2022 Conclusion\n\nhttps://leethax0.rs/2021/04/ElectricChrome/", "creation_timestamp": "2021-04-13T10:21:19.000000Z"}