Tesla’s AMD chips have a serious, unpatchable flaw

Certain Tesla cars' infotainment system vulnerability allows free access to paywalled features.

Tesla’s AMD chips have a serious, unpatchable flaw
Published by José @ PC Game Spotlight a year ago

A vulnerability in certain Tesla cars

A vulnerability in certain Tesla cars that use AMD Chips allows unfettered access to features that should be behind paywalls, including the ability to accelerate faster and access heated rear seats for free, researchers say. The flaw, which cannot be patched, is specific to the architecture of Tesla’s AMD chips, which powers the Infotainment System in models like the third-generation Model S and Model 3.

Researchers at the Technical University of Berlin

Researchers at the Technical University of Berlin were able to bypass Tesla’s software locks using a voltage fault injection attack on the AMD Security Processor. This allowed them to run arbitrary software on the infotainment system and access private user data.

“Our research shows that current generations of Tesla vehicles are affected by a permanent security vulnerability which cannot be fixed,” the researchers say. “We can use this vulnerability to extract a unique hardware-bound RSA key used for authentication and authorization. Moreover, we can use this key to run arbitrary software on the infotainment system. This allows us to access private user data and to bypass Tesla’s paywall.”

While this poses a risk to user privacy, it also allows users to bypass Tesla’s paywall and access features like faster acceleration and heated rear seats for free.

“We gained root permissions on the Infotainment System which allows us to make changes to the Linux system underlying Tesla’s AMD hardware,” the researchers say. “This includes the ability to decrypt encrypted storage and access private user data such as the phonebook and calendar entries.”

The researchers emphasise the severity of this vulnerability, saying it “cannot be fixed” and that it “allows anybody to run arbitrary software on the infotainment system.” This means anybody can access a user’s private data with access to the car, as well as potentially accessing the car with only the ability to run malicious code on the infotainment system.

Despite this, the ability to access paywalled features for free may be seen as a benefit by some users. Other car manufacturers also lock certain features behind paywalls, but Tesla is known for its in-car purchases.

Earlier this year, the same chips that enable this paywall-bypassing system also allowed for Steam integration in the car when parked. These chips also had to be patched previously due to overheating issues.

Check out our guide to the best gaming PC for more of the best tech for your next build.
Unpatchable AMD chip flaw allows hackers to unlock Tesla feature upgrades
Unpatchable AMD chip flaw allows hackers to unlock Tesla feature upgrades
Starfield guide
Starfield guide
AMD confirms Radeon RX 7800 XT and RX 7700 XT won’t use 16-pin power
AMD confirms Radeon RX 7800 XT and RX 7700 XT won’t use 16-pin power

Similar Articles

Starfield review scores are irrelevant, according to Bethesda
Starfield review scores are irrelevant, according to Bethesda

Starfield's average review score is 87, with Cyberpunk 2077 at 90, but Bethesda believes review scores are "irrelevant".

 Starfield
How to smuggle Starfield Contraband
How to smuggle Starfield Contraband

Smuggle valuable Starfield Contraband items for a high value, but beware the risk of getting caught.

 Starfield
How to lockpick in Starfield
How to lockpick in Starfield

Unlock valuable loot behind locked doors in Starfield with the lock-picking mechanic, but watch out for NPCs!

 Starfield
Save $50 on the SteelSeries Arctis Nova Pro wireless gaming headset
Save $50 on the SteelSeries Arctis Nova Pro wireless gaming headset

Be one of the first to grab the newly released SteelSeries Arctis Nova Pro wireless gaming headset at a $50 discount with code SSCV2826.

 SteelSeries Arctis Nova Pro
Volition, the studio behind Saints Row, is closing down with mass layoffs
Volition, the studio behind Saints Row, is closing down with mass layoffs

Volition, the studio behind Saints Row, Agents of Mayhem, and Red Faction Guerilla, is closing down with mass layoffs

 Saints Row
Raspberry Pi Pico powers a gorgeous wooden fighting stick
Raspberry Pi Pico powers a gorgeous wooden fighting stick

Crafted from wood, this Raspberry Pi Pico fight stick features a custom case and an all-button design for a unique gaming experience.

 Raspberry Pi Pico
Best Terraria mods 2023
Best Terraria mods 2023

Enhance and extend your Terraria experience with these top mods.

 Terraria
Users are sad about Saints Row developer Volition shutting down
Users are sad about Saints Row developer Volition shutting down

Fans disappointed by the closure of Saints Row developer Volition, while others express a desire for Red Faction Guerrilla 2.

 Saints Row
How to recruit crew members in Starfield
How to recruit crew members in Starfield

Learn how to recruit crew members in Starfield and negotiate their recruitment price to enhance your ship and outposts.

 Starfield
Volition, studio behind Saints Row and Red Faction, abruptly closes
Volition, studio behind Saints Row and Red Faction, abruptly closes

Volition, the studio behind Saints Row and Red Faction, closes its doors after losing funding for Project Y.

 Saints Row
The weirdest game I’ve ever played – our favourites explained
The weirdest game I’ve ever played – our favourites explained

Explore the weirdest games ever made and their impact on our lives. From Katamari to Viva Pinata, these games will leave you intrigued and amazed.

 Weird Games
Get into Magic: The Gathering’s Commander Masters format
Get into Magic: The Gathering’s Commander Masters format

Get into Magic: The Gathering’s popular Commander Masters format with our comprehensive guide to the MTG cards.

 Magic: The Gathering