Skip to main content
  1. Home
  2. Cars
  3. News

Tesla issues software patch after hackers take control of a Model S

Ronan Glon
By

Tesla Model S
Image used with permission by copyright holder
Six significant security flaws with the Tesla Model S let hackers take control of the vehicle, a team of American researchers has found.

Kevin Mahaffey, the chief technology officer of cybersecurity firm Lookout, and Marc Rogers, the principal security researcher at Cloudflare, explain that they chose to hack into a Tesla because the Silicon Valley-based company seemingly understands software better than most car makers. The results they obtained were surprising.

Recommended Videos

“The handbrake comes on, lurching it to a stop.”

“We shut the car down when it was driving initially at a low speed of five miles per hour. All the screens go black, the music turns off, and the handbrake comes on, lurching it to a stop,” said Rogers in an interview with the
Related
Financial Times.

Whether a hacker can turn off the electric sedan at speeds higher than five miles per hour was not disclosed. The researchers will release full details about the hack, including precisely how the S was hacked and a full list of the security flaws, during the Def Con conference that will open its doors in Las Vegas, Nevada, today.

Mahaffey and Rogers spent about two years studying the architecture of the Model S. Wired reports that the researchers managed to start and drive the car using software commands by simply plugging a laptop into a network cable behind the dashboard. They also managed to shut down the engine using a remote-access Trojan that they physically installed on the network. Finally, they noted that the infotainment system uses an outdated browser with an Apple WebKit vulnerability that hackers can potentially use to remotely take control of the car.

Tesla has not issued an official response, but it quickly designed an over-the-air patch that has already been sent to Model S owners.

“Tesla has taken a number of different measures to address the effects of all six vulnerabilities reported by [the researchers]. In particular, the path that the team used to achieve root (superuser) privileges on the infotainment system has been closed off at several different points,” said a company spokeswoman.

The news comes a mere weeks after two software engineers remotely hacked a late-model Jeep Cherokee. The hack exposed a serious security flaw with the Harman-designed Uconnect infotainment system that equips about 1.4 million Chrysler, Dodge, Jeep and Ram vehicles built between the 2013 and 2015 model years.

Harman stresses that only Fiat-Chrysler’s Uconnect software can be hacked because it’s about five-years old and it lacks the security features found in its more modern counterpart. However, the National Highway Traffic Safety Administration (NHTSA) is taking a closer look at about 2.8 million cars, trucks, and vans equipped with a Harman-designed infotainment system because it’s worried that all of the company’s infotainment systems could suffer from similar vulnerabilities.

Editors' Recommendations

Topics
Ronan Glon
Ronan Glon
Contributor
Ronan Glon is an American automotive and tech journalist based in southern France. As a long-time contributor to Digital…
What it means now that Kia and Hyundai have adopted Tesla’s charging standard
A Tesla car chargers on a Tesla Destination charger.

It has finally happened. After the majority of other major automakers announced the transition from the combined charging system (CCS) to the North American Charging Standard (NACS), Hyundai Motor Group (which consists of Hyundai, Kia, and Genesis) remained one of the major holdouts. But that has changed, and the company announced that it would make the shift starting with cars sold in late 2024. Presumably, that means that 2025 model year cars will get the new plugs.

But what does this mean for you if you're a current Kia, Hyundai, or Genesis driver? And what does it mean for those planning on buying a Hyundai Motor Group EV in the near or more distant future? Here's what you need to know.
How long will this transition take?
The transition to NACS simply is not going to be as immediate as Apple's transition from Lightning to USB-C ports. That's to say, there's going to be a multiyear transition period -- and even in five years, some charging stations will likely still sport CCS connectors.

Read more
Tesla Model 3 Highland: release date, range, design update, and more
A Tesla Model 3 electric car.

The Tesla Model 3 has long been one of the best electric cars out there, especially for drivers who want a high-quality car without paying a ton of cash. The Model 3 boasts a great range, along with awesome tech features and minimalistic design, all of which have helped make it a top-selling electric car.

But to date, it hasn’t evolved much. The car has been around for six years now, with  thefirst deliveries of the original Model 3 coming in late 2017. But now it’s getting a face-lift. The updated car, code-named Highland, has been announced, and it offers a range of upgrades over the current-generation Tesla Model 3.

Read more
The BMW i4 is more luxurious than the Tesla Model S, and costs way less
2022 BMW i4 M50

The Tesla Model S is the original cool electric car. It did away with the concept that EVs had to be nerdy, small, low-range cars — and instead offered a sleek and stylish design, as well as a modern interior. But over the years, a ton of competition has popped up, and these days, the Model S has to go up against some seriously great cars. 

Like, for example, the BMW i4.

Read more