Ralf-Philipp Weinmann of Kunnamon, Inc. and Benedikt Schmotzle of Comsecuris GmbH found zero-day security flaws in Intel’s open source software component ConnMan, managing network connections with a code specifically written to abuse the flaw that allows them to unlock doors and trunk, change seat positions and do almost everything the driver could do by pressing the buttons on the console.
To exploit the vulnerability, the two security researchers turned to a DJI Mavic 2 drone, which was used to fly over the open vehicle, and a Wi-Fi module to connect to the infotainment unit and launch a remote attack aimed at ConnMan. .
Called TBONE, the attack was originally expected to be introduced at Pwn2Own 2020, but the hacking race was eventually canceled due to a global health problem.
However, researchers demonstrated the exploitation of the CamSecWest conference, revealing that the shortcomings have already been eliminated after turning to Tesla, Intel and the German CERT.
In addition, Tesla released a 2020.44 update in late October 2020 to address security issues, with the carmaker offering a $ 31
And now comes the more concerned part. The ConnMan component, which has been found to be vulnerable, is not only used by Tesla, but also by many other car manufacturers, so security deficiencies are likely to exist in other vehicles as well. A new version of ConnMan (compilation 1.39) was already released in February 2021, but it is not yet clear how many carmakers have included the new version in their software updates.
Researchers claim that the attack is feasible and can be armed, which means that a more complex attack can be even more harmful, and eventually will even be able to connect with nearby cars and penetrate their infotainment system. systems.