A vulnerability in certain Tesla cars
A vulnerability in certain Tesla cars that use AMD Chips allows unfettered access to features that should be behind paywalls, including the ability to accelerate faster and access heated rear seats for free, researchers say. The flaw, which cannot be patched, is specific to the architecture of Tesla’s AMD chips, which powers the Infotainment System in models like the third-generation Model S and Model 3.
Researchers at the Technical University of Berlin
Researchers at the Technical University of Berlin were able to bypass Tesla’s software locks using a voltage fault injection attack on the AMD Security Processor. This allowed them to run arbitrary software on the infotainment system and access private user data.
“Our research shows that current generations of Tesla vehicles are affected by a permanent security vulnerability which cannot be fixed,” the researchers say. “We can use this vulnerability to extract a unique hardware-bound RSA key used for authentication and authorization. Moreover, we can use this key to run arbitrary software on the infotainment system. This allows us to access private user data and to bypass Tesla’s paywall.”
While this poses a risk to user privacy, it also allows users to bypass Tesla’s paywall and access features like faster acceleration and heated rear seats for free.
“We gained root permissions on the Infotainment System which allows us to make changes to the Linux system underlying Tesla’s AMD hardware,” the researchers say. “This includes the ability to decrypt encrypted storage and access private user data such as the phonebook and calendar entries.”
The researchers emphasise the severity of this vulnerability, saying it “cannot be fixed” and that it “allows anybody to run arbitrary software on the infotainment system.” This means anybody can access a user’s private data with access to the car, as well as potentially accessing the car with only the ability to run malicious code on the infotainment system.
Despite this, the ability to access paywalled features for free may be seen as a benefit by some users. Other car manufacturers also lock certain features behind paywalls, but Tesla is known for its in-car purchases.
Earlier this year, the same chips that enable this paywall-bypassing system also allowed for Steam integration in the car when parked. These chips also had to be patched previously due to overheating issues.
Check out our guide to the best gaming PC for more of the best tech for your next build.