According to media reports, malicious hackers may remotely switch off the lights, blow the horn, open the boot, and operate the windscreen wipers by breaking into Tesla‘s infotainment system.
The researchers uncovered the three flaws that might be leveraged to hack into Tesla while working for the French security firm Synacktiv.
According to TechCrunch, the researchers believe that the worst-case scenario permitted by these vulnerabilities is to irritate and perhaps disturb a driver.
Tesla, on the other hand, informed the researchers that they couldn’t have turned on and off the car or directed it.
According to the article, one of the researchers, Eloi Benoist-Vanderbeken, feels it is doable.
“Tesla mentioned we wouldn’t be able to turn the steering wheel, accelerate or brake. But from our understanding of the car architecture we are not sure that this is correct, but we don’t have proof of it,” Vanderbeken was quoted as saying.
The researchers didn’t have full access to a Tesla at the moment, but they plan to fact-check the company’s claims once they do.
Furthermore, the first vulnerability was exploitable via Bluetooth, the second allowed the researchers to elevate their privileges and become root (cybersecurity jargon for the highest level of system access — giving them free rein to execute code in the infotainment system), and the third gave them control of the security gateway, a component that sends commands to the car.
“It’s not at the point of a modern browser running on an iPhone or an Android, but it’s not that far from it. Tesla cars are really well connected to the internet, so they need to take care of security because they are likely to be targeted more than other cars,” Vincent Dehors, Cyber Security Engineer, Synacktiv, was quoted as saying.
According to the article, the researchers also said that Tesla is working on remedies for these vulnerabilities, which should be released to cars soon.
Tesla halted the release of its Full Self-Driving (FSD) beta software in the United States and Canada last month until a firmware upgrade to resolve a safety recall could be issued.
“Tesla has issued a voluntary recall on certain Model S, Model 3, Model X and Model Y vehicles that have installed or are pending installation of software that contains the Full Self-Driving (FSD) Beta feature,” Tesla wrote on the support page.