In a previous article, we presented an attack against the Tesla Wall Connector Gen 3 used during Pwn2Own Automotive 2025. The exploit chain relied on a simple fact: there was no anti-downgrade mechanism. Once we could speak UDS over the charging cable, we could just write an old, vulnerable firmware to the passive slot, reboot, and pop the debug shell.
Tesla then shipped a firmware update that adds an anti-downgrade check to the update routine. Every firmware image now carries a security ratchet value, and the updater refuses any image whose ratchet is lower than the one stored on the device.
This second article describes how this anti-downgrade works, and how we bypassed it by abusing the order of operations between the partition table write and the slot erase, replaying the original Pwn2Own attack on a fully up-to-date charger.
This is one of those vulnerabilities you find by hand, with a coffee, an IDA window, and zero help from a language model. Do you remember those good old days?
A quick recap of the update procedure
We described the full update flow over Single-Wire CAN in the first article. In short:
1. Open a UDS session (type 2).
2. Authenticate with Security Access (level 5, XOR-0x35 algorithm).
3. Run routine 0xFF00 to prepare and erase the passive slot.
4. Write 0x0E to identifier 0x102 to mark the slot as "settable via UDS".
5. Push the firmware with Request Download / Transfer Data / Request Transfer Exit.
6. Run routine 0x201 to validate the freshly written image and switch slots.
7. Run routine 0x202 to reboot.
As a reminder, the AW-CU300 uses two firmware slots: one active (currently running) and one passive (target of the update). After a successful update, slots flip and the new firmware becomes active on next boot.
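To make the ratchet semantics concrete, here is a small Python model of the two-slot update flow with the anti-downgrade check. This is an added illustration written for this article, not Tesla's code: the image fields, the ratchet values, the step at which the comparison runs and the rule that the stored ratchet only moves up are assumptions.

```python
from dataclasses import dataclass, field
from typing import List, Optional

@dataclass
class Image:
    version: str
    ratchet: int          # anti-downgrade value carried by the image (constructed)
    valid: bool = True    # outcome of image validation (routine 0x201)

@dataclass
class Charger:
    """Constructed A/B-slot model; not the AW-CU300's real layout."""
    active: Image
    passive: Optional[Image] = None
    stored_ratchet: int = 0          # assumed to be persisted on the device
    log: List[str] = field(default_factory=list)

    def prepare_and_erase(self) -> None:
        """Routine 0xFF00: wipe the passive slot before a new image is written."""
        self.passive = None
        self.log.append("erase passive")

    def write_passive(self, img: Image) -> bool:
        """RequestDownload / TransferData / RequestTransferExit.
        Assumption: the ratchet comparison happens here, before any data is
        accepted into the passive slot. Equal is allowed, lower is refused."""
        if img.ratchet < self.stored_ratchet:
            self.log.append(f"refuse {img.version}: {img.ratchet} < {self.stored_ratchet}")
            return False
        self.passive = img
        self.log.append(f"write {img.version}")
        return True

    def validate_and_switch(self) -> bool:
        """Routine 0x201: validate the passive image and flip the slots."""
        if self.passive is None or not self.passive.valid:
            return False
        self.active, self.passive = self.passive, self.active
        # Assumption: the stored ratchet only ever moves up, never down.
        self.stored_ratchet = max(self.stored_ratchet, self.active.ratchet)
        self.log.append(f"switch -> {self.active.version}")
        return True

def attempt_update(dev: Charger, img: Image) -> bool:
    """Run the recap's update sequence; True only if the slots flipped."""
    dev.prepare_and_erase()
    if not dev.write_passive(img):
        return False
    return dev.validate_and_switch()
```

With this model, a lower-ratchet image is refused at the write step, an equal or higher one flips the slots, and the stored ratchet never decreases.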
What changed in 24.44.3