Security researchers have found a way to hack existing Tesla cars based on AMD chips to develop what could be the first “Tesla Jailbreak” persists worldwide.”
The team posted one report ahead of his presentation at Blackhat 2023 next week. There they will present a working version of an attack on Tesla’s latest AMD-based Media Control Unit (MCU).
According to the researchers, they use a known hardware exploit against a component of the MCU that ultimately allows access to critical systems that control in-car purchases. This even goes so far as to trick the car into believing that the purchase of additional services has already been paid for.
Tesla has long been known for its advanced in-vehicle computers, from those for everyday entertainment purposes to fully autonomous driving capabilities.
More recently, Tesla has started using this established platform to enable in-car purchases, not just for additional connectivity features, but even analog features like faster acceleration or heated rear seats.
By hacking into the car’s built-in computer, users could unlock these features without having to pay for them.
The attack also allows extraction of a vehicle-specific cryptographic key used to authenticate and authorize a vehicle within Tesla’s service network.
According to the researchers The attack cannot be patched to current vehicles. This means that no matter what software updates Tesla releases, users can run any code in Tesla vehicles as long as they have physical access to the vehicle.
Notably, the attack cannot be patched because it is not a direct attack against a Tesla-made component, but against the AMD Secure Processor (ASP) embedded in the MCU.
The details of this attack are unclear, at least until next week’s presentation, but the researchers say they are being used “inexpensive and autonomous hardware” Carry out.