A duo of German researchers hacked their Tesla Model X using only a DJI Mavic 2 drone and a Wi-Fi dongle. This newly discovered flaw allows a hacker to do almost anything a driver can do, except for actually driving it. The founders of this breach state that it can "unlock the doors and trunk, change seat positions, both steering and acceleration modes - in short, pretty much what a driver pressing various buttons on the console can do. This attack does not yield drive control of the car though." In addition, experts note that this vulnerability exists not only in Tesla cars but also in a large number of recently produced cars that drive on the roads at the moment.
Kunnamon CEO Ralf-Philipp Weinmann and Comsecuris employee Benedikt Schmotzle demonstrated the vulnerability found in Tesla at the CanSecWest security researchers conference. The researchers were able to hack the doors of an electric car using a Wi-Fi key carried by a flying drone over the car. This is not the first vulnerability found in Tesla; almost a year ago computer experts found some minor vulnerabilities and they got a Tesla Model 3 as a reward.
The cause of the vulnerability is the ConnMan component of the Tesla, which manages network connections. You can connect to it over a Wi-Fi network. However, this component is used not only by Tesla. “I think like half of the industry uses ConnMan” Weinman told Forbes. Weinmann and Schmotzle immediately decided to tell Intel, the creators of the ConnMan component, about the found problem. As a result the vulnerability was swiftly fixed with Tesla's over the air software update ability.
Weinmann warned that the attack could’ve been “wormable” and “weaponized” by adding on an exploit that let the two create an entirely new Wi-Fi firmware in the Tesla, “turning it into an access point which could be used to exploit other Tesla cars that come into the victim car’s proximity.” The researchers chose to not to create a wormable hack, however. Tesla commonly rewards hackers for their work on exposing problems so they can be patched quickly with its bounty program. According to Weinnman, the pair received $31,500 from Elon Musk’s electric car giant for their findings.