Two security researchers detailed how they managed to remotely compromise parked Tesla vehicles by exploiting vulnerabilities in an open-source software component of the cars' system, the ConnMan connection manager.
The duo published their findings on May 4, explaining how they were able to compromise parked Teslas and take control of their infotainment systems over Wi-Fi, using a drone to bring their radio within range. They said they could also open the EVs' doors and trunk, change the seat positions, and switch the steering and acceleration modes, but they could not directly control the driving system of the car.
Essentially, they were able to press all the same buttons a driver could, just not actually switch the vehicle into drive mode.
The team consisted of Ralf-Philipp Weinmann of Kunnamon, Inc., and Benedikt Schmotzle of Comsecuris GmbH. They named their exploit chain TBONE and had hoped to demonstrate it at last year's Pwn2Own contest. When that contest didn't take place because of COVID-19 closures, Weinmann and Schmotzle instead contacted Tesla directly to report the vulnerabilities, and then published their findings online.
Tesla had time to address the vulnerabilities before the findings were published, so the bugs should no longer affect the company's EVs, provided the vehicles have received the fix.
The fix also reached the upstream project: ConnMan released a patched version in February 2021, and the corresponding patches are in its Git repository.
What's notable about this discovery is that the whole attack works without any physical access to or interaction with the vehicle. Weinmann and Schmotzle used a drone only to carry the attacking Wi-Fi radio into range; they never needed to touch the cars, or even see them, to compromise them.
Explaining their motive, the two researchers said "Our mission at Kunnamon is to bring the power of cloud computing and emulation for testing embedded automotive systems, at scale."
Bug bounty programs
It's not unusual for people to find vulnerabilities in systems, especially when those systems are new or have recently received software updates. Last year, for instance, someone managed to hack into their own car from a laptop.
Companies releasing new software and products largely welcome such reports. Many run bug bounty programs, which encourage hackers and tech enthusiasts to probe systems for vulnerabilities by offering money in exchange for responsibly reported findings.
In Tesla's case, in 2019 the company even offered one of its Model 3s to anyone who managed to hack its car.
Other examples of bounty programs are Sony offering rewards of $50,000 or more for critical bugs in its PS4, and Apple offering up to $1 million back in 2019 for the most severe vulnerabilities in its new systems.
We'll see whether Weinmann and Schmotzle get anything from Tesla in return for their discovery; if nothing else, they have already gained recognition for revealing it.