Voltage glitching unlocks Tesla features
【Summary】German researchers at Technische Universität Berlin have demonstrated a method to unlock paywalled features in Tesla vehicles by manipulating the voltage. By soldering wires to the infotainment and connectivity ECU, the researchers were able to trick the system into thinking it was being booted securely, gaining root access and unlocking features like heated seats. They were also able to extract user data stored in the Tesla computer.
A group of German PhD students from Technische Universität Berlin demonstrated at Black Hat how they were able to unlock paywalled features in a Tesla Model 3. Instead of approaching the problem from an outsider's perspective, the researchers wanted to make their own modifications as if they already had physical access to the vehicle. Their first attempt to modify the firmware was unsuccessful due to Tesla's secure boot process, which is a relatively new development in Tesla's computers. Previous versions of Tesla computers had vulnerabilities that were later fixed through firmware updates.
The researchers discovered that by soldering wires to the infotainment and connectivity ECU, they were able to manipulate the voltage at the right time to trick the system into thinking it was being booted securely. This allowed them to gain root access to the device and unlock the heated seats. Additionally, they were able to extract information about the car and user data stored in the Tesla computer, such as location history, Wi-Fi passwords, and session cookies for services like Spotify and Gmail.
When the researchers contacted Tesla to share their findings, Tesla's main concern was whether the exploit was persistent. Since it wasn't, Tesla did not respond further. Achieving persistence would require soldering a mod chip to the board itself, which could void the warranty. While the team hasn't tested the exploit in an actual Tesla yet, independent security researcher Oleg Drokin has tried it and believes it worked.
The team has not attempted to duplicate the exploit in other vehicles with software-locked features, such as BMWs, as they have not been able to find a computer from another vehicle with similar features. However, they speculate that other manufacturers may not have the same level of protection as Tesla. Tesla has invested time and money in defending against software attacks by attracting hackers, but it seems they did not consider a voltage glitch as a potential vulnerability.
The team that discovered the AMD voltage glitching vulnerability in 2021 suggested that software modifications could be made to detect voltage modulation and prevent insecure boots. It remains to be seen if Tesla will release a patch to address this issue. As of now, Tesla has not responded to inquiries about the matter.
-
Electric Nissan Juke: A Sneak Peek at the Future
-
Electric cars set to become more affordable
-
Major creditor in talks to acquire Volta Trucks
-
Chinese EV maker's valuation close to Tesla
-
EVs' Limited Success in the U.S., Excluding Teslas
-
Toyota's Dedication to Quality Shines in Century Bolt Tightening Process
-
Tragic Accident: Bentley's Speed Questioned in Niagara Falls Deaths
-
Accelerating Car Development with Mazda-backed AI Firm
- Global Automakers Seek Electric Vehicle Insights from China
- Major creditor in talks to acquire Volta Trucks
- Tesla factory in Texas plagued by explosions, injuries, and robot mishaps
- Tesla's Cybertruck Draws Enthusiastic Crowds Before Launch
- Electric hot hatch thrills at a more affordable cost
- Futuristic people mover revealed by Chinese electric-car start-up
- BMW XM 550 kW Safety Car
- Dacia closes website for Black Friday
- BMW Group delays agency sales
- Carmakers saturating market with fresh electric vehicles
About Us
Contact Us
Careers