Hack a Tesla? All you need is a drone and a WiFi key

Hack a Tesla? All you need is a drone and a WiFi key

WiFi-based attacks are certainly nothing new and with the advancement of technology in cars, they can become a significant problem even in this sector: so far there have been no sensational cases of "hacked" cars, however it is not to be excluded. the possibility that exploits can be exploited to attack these systems as well.

If you are among those who think that the problem is still far away, you would do well to change your mind: the two researchers Ralf-Philipp Weinmann and Benedikt Schmotzle have discovered some zero-click vulnerabilities within ConnMan, an open-source component found inside Tesla cars. The vulnerabilities in question have been called TBONE and afflict, to be precise, the Tesla Model 3, Model Y, Model S and Model X.

The exploits were unearthed during PWN2OWN 2020, a famous hackaton that took place was held online last November. On that occasion, the researchers communicated their results to Tesla, which moved quickly to close the flaws with an update released in October 2020. Subsequently, on the occasion of CanSecWest 2021 (another important security conference held a few days ago) Ralf-Philipp Weinmann and Benedikt Schmotzle gave a demonstration of the attack.

But what could an attacker who exploits such an attack do ? A lot of things. Taking advantage of the flaws uncovered by the researchers would in fact allow to gain control of the infotainment system, lock or unlock the trunk and doors, change the position of the seats, the temperature of the air conditioning system and, perhaps the worst option, control the steering and throttle. . In short, a hacker could remotely control every aspect of the car, even if there is someone sitting behind the wheel. Fortunately, however, it seems we cannot bypass the driver's manual controls.

During their tests, the two researchers were able to open the doors of a Tesla Model X using a DJI Mavic 2 drone, which carried a WiFi key. No physical interaction with the vehicle was required. According to Weinmann and Schmotzle, the vulnerabilities would not only affect Tesla, but also other brands that exploit ConnMan: according to their statements, almost half of the automotive industry uses this component within the infotainment systems on internet-connected cars. >
Earlier this year, researchers informed Intel (ConnMan's creator) and the entire automotive industry about the problem. A new version of ConnMan was released last February with patches for these vulnerabilities.