Two security researchers partially took control of a Tesla Model X using a DJI drone by exploiting a security hole in the infotainment system’s Wi-Fi connection.
Last week, on the occasion ofheld every year at the CanSecWest computer security conference in Vancouver (Canada), two security researchers gave an incredible demonstration by hacking a Tesla remotely using a drone.
Ralf-Philipp Weinmann and Benedikt Schmotzle revealed how to launch a zero-click attack by connecting to the infotainment system of the Tesla. For this, they used a DJI Mavic 2 drone and a Wi-Fi dongle. Their video shows that it takes them barely three minutes to unlock the doors and open them. The researchers exploited two security flaws in the open-source ConnMan software, which is used in the infotainment systems of Tesla, but also of other brands, to manage the Internet connection.
According to the two researchers Ralf-Philipp Weinmann and Benedikt Schmotzle, their hack of a Tesla with a DJI drone could work from 100 meters away. © Secwestnet
Tesla fixed this security flaw
Dubbed TBONE, this attack made it possible to unlock the doors and the trunk and to change the position of the seats as well as the steering and acceleration settings. The two researchers explain that it would even have been possible to add an element to inject new Wi-Fi firmware into the car in order to transform it into an access point that can be used to hack other nearby Teslas. They specify, however, that their exploit does not allow full control of the car but that it works on Model S, 3, X and Y.
The TBONE attack was originally scheduled to be featured during Pwn2Own 2020, but the event was canceled due to the. In the meantime, the researchers have warned Tesla, Intel (behind ConnMan) as well as the German CERT so that it can approach other car brands concerned. Tesla plugged the breach in a software update released last October and awarded a bounty of $31,500 to the two researchers. It is not known if other manufacturers have released security fixes as well.