Tesla Model 3 hacked within two minutes in 'hackathon' contest

1 Apr 2023, 05:01 am

Share

Henry Man

2023 Tesla Model Y Performance SUV Blue 2

Gallery2

A team of French cybersecurity researchers have exploited a Tesla Model 3’s critical systems twice at the Zero Day Initiative’s Pwn2Own annual hacking contest in Vancouver.

These events are also known as 'hackathons' and are commonly run as a 'whitehat' security exercise to help identify vulnerabilities that might otherwise be exploited by bad actors.

Snapshot

French researchers exploited Model 3 system vulnerabilities twice
Allowed them to open doors, deep access into central infotainment system
Hacking contest aims to surface hidden ‘zero-day’ vulnerabilities for affected companies to address

The Synacktiv team gained access the electric vehicle within two minutes by executing a time-of-check-to-time-of-use (TOCTTOU) attack on Tesla's Gateway energy management system.

It allowed them to remotely open the frunk (front storage) while the vehicle was driving – and were rewarded with $149,300 (US$100,000) and a new Model 3 sedan for discovering the tier-three vulnerability.

Ev Buyers Guide Tesla Model Y 5 Interior

2

What is a hackathon?

In the context of finding vulnerabilities, a hackathon is an organized event where security professionals or ethical hackers come together to identify and exploit vulnerabilities in a particular system or application. Participants work in teams or individually to find and report security flaws, with the goal of improving the security of the system or application.

In the second hack, Synacktiv researchers exploited a heap-overflow vulnerability and an out-of-bounds write error in an external Bluetooth chipset to access Tesla’s infotainment system and subsequently gain root access to other deeper subsystems.

They were rewarded an additional $373,200 (US$250,00) bounty as the contest’s first-ever attack classified as a tier-two level – which is reversed for particularly impactful vulnerabilities and exploits.

Due to the risk of hacking a vehicle, the team demonstrated their exploits on a separated Tesla head unit and componentry – which is the home to nearly all of the vehicle’s controls, including the speedometer, adjusting the mirrors, and opening the glovebox.

CONFIRMED! @Synacktiv used a heap overflow & an OOB write to exploit the Infotainment system on the Tesla. When they gave us the details, we determined they actually qualified for a Tier 2 award! They win $250,000 and 25 Master of Pwn points. 1st ever Tier 2 award. Stellar work! pic.twitter.com/IPOnXG5S0u
— Zero Day Initiative (@thezdi) March 23, 2023

In total, participants in the three-day hacking contest discovered 27 unique zero-day vulnerabilities, including in Microsoft SharePoint, Teams and the Windows 11 operating system, with the Trend Micro-owned organisation giving out $1.5 million (US$1.03 million).

Unlike other carmakers, Tesla recently published its data privacy policy, stressing its high-tech EVs mostly localise and anonymise data collection.

Major car brands are increasingly becoming ‘software-driven’ technology companies by investing in their own operating systems, while others such as Volvo, Polestar and Renault adopt built-in systems from tech giants such as Google’s Android Automotive and the forthcoming next-generation Apple CarPlay.

MOREEverything Tesla

MOREThe future of driving: new cars, new tech, safer driving

Henry Man

Contributor

Henry is a motoring journalist passionate about the intersection of technology and transportation, with a focus on electric vehicles.

COMMENTS

Please enable JavaScript to view the comments powered by Disqus.