Researchers at Chinese security company Keen Lab claim that they have managed to remotely hack an unmodified Tesla Model S with the latest firmware installed. After one driver’s interaction with the Internet —i-e doing search for the nearest charging station — the researchers were able to compromise the computer system of a Model S and to send some commands into its CAN bus.
For example, they were able to take over both the multimedia system and the dashboard displays, to open the sunroof, to switch on the turning signals, to move the seat, and to open the doors without using a key. Moreover, they managed to activate the windshield wipers, to fold in the side mirror, and to open the trunk while the car was moving.
Finally, they showed that an operator some 12 miles away from the car was able to manipulate the brakes of the moving vehicle.
Following the global industry practice on “responsible disclosure” of product security vulnerabilities, Keen Lab researchers have reported the technical details of all the vulnerabilities discovered in the research to Tesla. The vulnerabilities have been confirmed by Tesla Product Security Team.
Keen Security Lab is coordinating with Tesla on issue fixing to ensure the driving safety of Tesla users.
According to Keen Lab, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars.