Tesla Hackers Discover Unfixable Jailbreak
A security researcher and three PhD students from Germany have discovered a method to exploit Tesla’s current AMD-based cars, leading to what is being called the world’s first persistent “Tesla Jailbreak.” They plan to present their findings at Blackhat 2023. The jailbreak uses a hardware exploit against a component in Tesla’s latest media control unit (MCU), allowing access to critical systems, including in-car purchases. The attack can potentially trick the car into thinking purchases are paid for. This also enables the extraction of a vehicle-specific cryptography key used for authentication within Tesla’s service network.
The attack is unpatchable on current cars, meaning software updates won’t mitigate it. It targets the embedded AMD Secure Processor (ASP) within the MCU. The method involves voltage-based fault attacks during the boot process, allowing the attackers to glitch the ASP into recognizing their custom cryptographic key as valid.
Tesla offers various features locked behind software paywalls, such as heated seats and acceleration boosts. The company’s emphasis on software upgrades makes it a target for such attacks. As cars become more computerized, these types of hacks could become more common, prompting automakers to address vulnerabilities to protect their systems.