Chinese Researchers Remotely Hack Tesla Model S (Update)

Security researchers from China-based tech company Tencent have identified a series of vulnerabilities that can be exploited to remotely hack an unmodified Tesla Model S while it’s parked or on the move.

The researchers managed to perform various actions. While the vehicle was parked, the experts demonstrated that they could:

  • control the sunroof,
  • the turn signals,
  • the position of the seats,
  • all the displays,
  • the door locking system.

While the car was on the move, the white hat hackers showed that they could activate the

  • windshield wipers,
  • fold the side view mirrors, and
  • open the trunk.

They also demonstrated that a remote hacker can activate the brakes from a long distance (e.g. 12 miles, as shown in the experiment).

WOW… this can be deadly!


But wait, after “several months of in-depth research” ?

This means that they spent several months to search for vulnerabilities to exploit ? This is what I mean by being insistent.

The most interesting part is the UPDATE.

Tesla told SecurityWeek that it addressed the vulnerabilities found by Keen Lab within 10 days after learning of their existence. The company pointed out that the attacks are not “fully” remote and they are not as easy to conduct as the researchers have suggested. The company has provided the following statement:

“Within just 10 days of receiving this report, Tesla has already deployed an over-the-air software update (v7.1, 2.36.31) that addresses the potential security issues. The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious wifi hotspot. Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly.


We engage with the security research community to test the security of our products so that we can fix potential vulnerabilities before they result in issues for our customers. We commend the research team behind today’s demonstration and plan to reward them under our bug bounty program, which was set up to encourage this type of research.”

The attack launched from 12 miles contradicts Tesla’s claims that the targeted vehicle must be connected to a malicious hotspot. This has led experts to believe that Keen Lab may have found a way to gain persistence.


Well, a lot of prerequisites which don’t really happen just everywhere.


Of course, reading this makes me think of whether or not they are also investigating other cars as well.

How about Audi, BMW, VW, Mercedes, etc… ?

Volkswagen has recently entered the cybersecurity market in automotive area by establishing a cooperation with the israeli company CYMOTIVE.


Source:  Author: Eduard Kovacs


Update from Wired:

Tesla Responds to Chinese Hack With a Major Security Upgrade

It seems that the chinese researchers have replaced the firmware. This was possible because the vehicle allowed unsigned firmware updates.

Now Tesla has enforced that any firmware has to be signed and the vehicle doesn’t accept just about any firmware.


“Cryptographic validation of firmware updates is something we’ve wanted to do for a while to make things even more robust,” says Tesla’s chief technical officer JB Straubel. Straubel notes that Tesla has been working on the code-signing feature for months but accelerated its rollout when the Tencent hackers reported their attack. The Tesla security team pushed the fix to all Tesla S and X vehicles within ten days. The feature, he says, should be considered a standard for the auto industry, hardening cars’ internal networks even against hackers who have found an initial foothold in the form of another software flaw. “This is what the world needs to move towards,” Straubel says. “Otherwise the door is thrown wide open anytime anyone finds a new vulnerability.”

© Copyright 2016 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity

Check for seeing the consulting services we offer.

Visit for latest security news in English
Besuchen Sie für IT Sicherheits News auf Deutsch

About the Author

Sorin Mustaca
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since over 20 years in the IT Security industry and worked between 2003-2014 for Avira as Product Manager for the known products used by over 100 million users world-wide. Today he is CEO and owner of Endpoint Cybersecurity GmbH focusing on Cybersecurity, secure software development and security for IoT and Automotive. He is also running his personal blog Sorin Mustaca on Cybersecurity and is the author of the free eBook Improve your security .
%d bloggers like this: