Tesla cars are susceptible to a nearly irreversible jailbreak of their onboard infotainment systems that would allow owners to unlock a bevy of paid in-car features for free. The stolen perks can run the gamut from better bandwidth to faster acceleration and heated seats, according to a team of academic researchers.
The researchers also found that it's also possible to escape the infotainment system and pivot to the internal Tesla network for authenticating cars, which creates a wide-open highway to more advanced modding — including breaking geolocation restrictions on navigation and self-driving, and the ability to migrate the Tesla's "user profile" to another vehicle.
Surreptitiously Pimping Your Ride
Teslas have long been at the forefront of enabling "smart" functionalities, including, famously, autonomous driving. True to form, all recent Tesla models sport an AMD-based infotainment system known as MCU-Z, which enables an innovative in-car purchase scheme for advanced features, which, when purchased, are enabled on the car over-the-air (OTA).
This was the target for a group of doctoral students from the graduate program at Technical University Berlin and independent researcher Oleg Drokin. Team members will present the research for the first time at Black Hat USA next week in a session entitled "Jailbreaking an Electric Vehicle in 2023 or What It Means to Hotwire Tesla's x86-Based Seat Heater."
The researchers discovered that someone with physical access to the car's Infotainment and Connectivity ECU (ICE) board can use a known voltage glitching attack to subvert the MCU-Z's AMD Secure Processor (ASP), which serves as the root of trust for the system.
"Currently, our attack can be applied by people with some electronic engineering background, a soldering iron, and the ability to purchase additional hardware for about $100," Ph.D. student Christian Werling says. "We recommend using a Teensy 4.0 Development board for the voltage glitching that is readily usable with our open-sourced attack firmware. An SPI flash programmer is required, and a logic analyzer can greatly help to debug the overall attack."
Voltage glitching, also known as fault injection, not only makes it possible to gain root access and run arbitrary software on the MCU-Z to unlock some paid features, but that the access is nearly irrevocable, he says.
"While [voltage glitching] is arguably fiddlier to mount than a software-only attack, the underlying AMD CPU's vulnerability cannot be mitigated without upgrading the CPUs," Werling explains. "Our gained root permissions enable arbitrary changes to Linux that survive reboots and updates."
That's Infotainment: A Stepping Stone to a Bigger Hack
After successfully executing the glitching attack to subvert the ASP, the team was able to reverse-engineer the boot flow to ultimately extract a vehicle-unique, hardware-bound RSA key used to authenticate and authorize a car to Tesla's internal service network.
"There is an even higher privilege level on the system used to store the car's keys to the Tesla network," Werling explains. "Using the same attack and some sophisticated reverse engineering of the firmware-based Trusted Platform Module, we were able to extract these keys, which are usually protected even from root users on the device."
The keys could open up a range of additional possibilities for owners, the researchers found, including getting around geofencing for advanced features.
"Tesla locks some capabilities [in certain regions], the most common being maps," explains Drokin, the independent researcher on the team. "There are only a handful of regions that support maps, and if the car happens to be outside of them, users don't get navigation support at all."
He also notes that cars inside North America have access to full self-driving beta features, while Teslas in Europe don't, and the attack "could help to free a car from these restrictions, although that would require more reverse engineering."
Additionally, with access to the key Tesla uses to authenticate the car, it's possible to migrate a car's identity to another car computer. Drokin notes that this can come in handy in the case of flooded or damaged processors.
"A Model 3 car computer costs $200 to $400 on eBay, and Tesla sells it for $1,700 to $2,700 (depending on variant)," he explains. "Just reusing the ICE without provisioning the keys in would mean you lose all Tesla services in the car, including app access, software and map updates, and so on."
Of course, the research also potentially paves the road for malicious use of the attack, though given the threat model of having prolonged physical access to the victim's car, this might be a less critical threat, Werling points out.
Nonetheless, given enough time alone with a target, a cyberattacker could decrypt the car's on-board storage and access private user data such as the phonebook and calendar entries — and potentially the owner's personal information as well, the team found.
And, Werling says, "the identity migration could enable an attacker to impersonate another Tesla customer, at least temporarily," allowing someone else to hijack someone's profile (and features).
He also notes the possibility of streamlining the attack into a product akin to a "mod chip," for plug-and-play jailbreaking; he is careful to note that "this is not something we are planning to do and would pose a legally and economically questionable business model."
While the Tesla findings are the latest in a long tradition of car-hacking at Black Hat, Werling says that the research did reveal that the carmaker has better security than most of its automotive peers.
"Where Tesla differs from pretty much all other vendors is the physical security of their car systems approaching the level you see on well-secured cellphones of established vendors," he notes, "which is very uncommon in the car world."