Skip to main content
  1. Home
  2. Cars
  3. News

Tesla issues software patch after hackers take control of a Model S

By

Tesla Model S
Image used with permission by copyright holder
Six significant security flaws with the Tesla Model S let hackers take control of the vehicle, a team of American researchers has found.

Kevin Mahaffey, the chief technology officer of cybersecurity firm Lookout, and Marc Rogers, the principal security researcher at Cloudflare, explain that they chose to hack into a Tesla because the Silicon Valley-based company seemingly understands software better than most car makers. The results they obtained were surprising.

Recommended Videos

“The handbrake comes on, lurching it to a stop.”

“We shut the car down when it was driving initially at a low speed of five miles per hour. All the screens go black, the music turns off, and the handbrake comes on, lurching it to a stop,” said Rogers in an interview with the
Related
Financial Times.

Whether a hacker can turn off the electric sedan at speeds higher than five miles per hour was not disclosed. The researchers will release full details about the hack, including precisely how the S was hacked and a full list of the security flaws, during the Def Con conference that will open its doors in Las Vegas, Nevada, today.

Mahaffey and Rogers spent about two years studying the architecture of the Model S. Wired reports that the researchers managed to start and drive the car using software commands by simply plugging a laptop into a network cable behind the dashboard. They also managed to shut down the engine using a remote-access Trojan that they physically installed on the network. Finally, they noted that the infotainment system uses an outdated browser with an Apple WebKit vulnerability that hackers can potentially use to remotely take control of the car.

Tesla has not issued an official response, but it quickly designed an over-the-air patch that has already been sent to Model S owners.

“Tesla has taken a number of different measures to address the effects of all six vulnerabilities reported by [the researchers]. In particular, the path that the team used to achieve root (superuser) privileges on the infotainment system has been closed off at several different points,” said a company spokeswoman.

The news comes a mere weeks after two software engineers remotely hacked a late-model Jeep Cherokee. The hack exposed a serious security flaw with the Harman-designed Uconnect infotainment system that equips about 1.4 million Chrysler, Dodge, Jeep and Ram vehicles built between the 2013 and 2015 model years.

Harman stresses that only Fiat-Chrysler’s Uconnect software can be hacked because it’s about five-years old and it lacks the security features found in its more modern counterpart. However, the National Highway Traffic Safety Administration (NHTSA) is taking a closer look at about 2.8 million cars, trucks, and vans equipped with a Harman-designed infotainment system because it’s worried that all of the company’s infotainment systems could suffer from similar vulnerabilities.

Editors’ Recommendations

Topics
Ronan Glon
Ronan Glon
Contributor
Ronan Glon is an American automotive and tech journalist based in southern France. As a long-time contributor to Digital…
Your Galaxy S24 is about to get a big software update. Here’s what’s new
Someone holding the Samsung Galaxy S24 Plus.

Samsung Galaxy S24 users will soon receive new AI features on their devices. The company has begun rolling out the One UI 6.1.1 update for Galaxy S24, Galaxy S24 Plus, and Galaxy S24 Ultra users. The 2.8GB update includes the September 2024 security patch and many new features, most of which are AI-based.

This update introduces enhanced productivity tools such as Note Assist, PDF Overlay Translation, and Sketch to Image. Note Assist can translate and summarize meeting notes and create transcripts from voice recordings. PDF Overlay Translation allows you to translate text into PDF files, images, and graphs. The Sketch to Image feature generates image options based on simple sketches.

Read more
Tesla has released a cheaper Model 3 — and I really hope it comes to the U.S.
Tesla Model 3 Highland Front

The Tesla Model 3 is already one of the most popular electric vehicles, thanks to its large selection of great EV features and a reasonably low price compared to other electric cars. But it seems like Tesla is working on making the car even cheaper and has released a more affordable Model 3 with a downgraded interior in Mexico.

Don’t get me wrong. I’m glad that the Model 3 is available at a lower price in Mexico (it cuts the price of the current base Model 3 by around $4,000). But I really hope the vehicle makes it to the U.S.
What's different?
There are a few things that set the cheaper Model 3 variant apart from the current base Model 3 in the U,S. Most of these have to do with a regression of features compared to the Model 3 Highland update that was released last year. For example, the new passenger display in the back seat has been removed, and the accent lighting in the car is white only. Additionally, the seat coverings are a cheaper fabric instead of the faux leather available in the current Model 3. And there are no options for heated seats or a heated steering wheel.

Read more
Tesla software update fixes hood safety issue on 1.8M cars
Tesla's Model 3 refresh, codenamed Highland, features a sleeker front.

Tesla has issued a software update for 1.85 million of its vehicles in the U.S. to fix a safety issue involving the hood.

A notice posted online by the National Highway Traffic Safety Administration (NHTSA) on Tuesday explained the problem, saying that after a customer action opens the hood, it's possible that the latch assembly will fail to detect that it's open, thereby preventing a driver notification of the hood’s open state when the vehicle is placed into drive.

Read more