The researchers were able to exploit the vulnerabilities of the vulnerable AMD Zen 1 CPU-based infotainment APU used in Tesla cars by using fault injection attack techniques. By using low-cost and readily available hardware, the researchers were able to successfully manipulate the early boot code and gain root access to the system. This provided them with the ability to make permanent changes and decrypt sensitive information stored in the car, including personal data like phonebooks, calendar entries, call logs, Spotify and Gmail session cookies, WiFi passwords, and visited locations.
Implications of this vulnerability for users
The jailbreak performed by the researchers allows attackers to extract the TPM-protected attestation key used by Tesla for car authentication and platform integrity verification. In addition to car ID impersonation and potential unauthorized usage, this vulnerability also poses a risk for unsupported region usage, as well as independent repairs and modding.
One of the researchers, Christian Werling, has outlined the tools required for this infotainment jailbreak, suggesting that a soldering iron and other electronics worth $100 are sufficient for the hack.
Denial of responsibility! TechCodex is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
Alex Smith is a writer and editor with over 10 years of experience. He has written extensively on a variety of topics, including technology, business, and personal finance. His work has been published in a number of magazines and newspapers, and he is also the author of two books. Alex is passionate about helping people learn and grow, and he believes that writing is a powerful tool for communication and understanding.