{"id":13027,"date":"2016-09-20T08:47:51","date_gmt":"2016-09-20T12:47:51","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=13027"},"modified":"2019-11-15T06:53:25","modified_gmt":"2019-11-15T11:53:25","slug":"tesla-remote-hack","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/tesla-remote-hack\/13027\/","title":{"rendered":"Tesla Model S was hacked remotely"},"content":{"rendered":"<p>Researchers at Chinese security company Keen Lab claim that they have managed to remotely hack an unmodified Tesla Model S with the latest firmware installed. After one driver\u2019s interaction with the Internet \u2014 in the video below, it was a search for the nearest charging station \u2014 the researchers were able to compromise the computer system of a Model S and to send some commands into its <a href=\"https:\/\/en.wikipedia.org\/wiki\/CAN_bus\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">CAN bus<\/a>.<\/p>\n<p>For example, they were able to take over both the multimedia system and the dashboard displays, to open the sunroof, to switch on the turning signals, to move the seat, and to open the doors without using a key. Moreover, they managed to activate the windshield wipers, to fold in the side mirror, and to open the trunk <b>while the car was moving<\/b>.<\/p>\n<p>Finally, they showed that an operator some 12 miles away from the car was able to manipulate the brakes of the moving vehicle.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/c1XyhReNcHY?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p>\u201cFollowing the global industry practice on \u2018responsible disclosure\u2019 of product security vulnerabilities, we have reported the technical details of all the vulnerabilities discovered in the research to Tesla,\u201d researchers said. \u201cThe vulnerabilities have been confirmed by Tesla Product Security Team.\u201d They will not disclose any more details about the vulnerabilities until Tesla fixes the issues and advises Tesla owners to update cars\u2019 firmware to the latest version.<\/p>\n<h3>Update<\/h3>\n<p>Tesla\u2019s statement says: <em>\u201cWithin just 10 days of receiving this report, Tesla has already deployed an over-the-air software update (v7.1, 2.36.31) that addresses the potential security issues. The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious wifi hotspot. Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly.<\/em><\/p>\n<p>We engage with the security research community to test the security of our products so that we can fix potential vulnerabilities before they result in issues for our customers. We commend the research team behind today\u2019s demonstration and plan to reward them under our bug bounty program, which was set up to encourage this type of research.\u201d<\/p>\n<p>That means the vulnerabilities discovered by Keen Lab are <a href=\"https:\/\/threatpost.com\/tesla-fixes-critical-remote-hack-vulnerability\/120719\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">already fixed<\/a>. Meanwhile, if you are the owner of Tesla\u2019s car, it\u2019s highly recommended that you update the firmware to the latest version.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security researchers claim that they have managed to remotely hack an unmodified Tesla Model S with the latest firmware installed.<\/p>\n","protected":false},"author":421,"featured_media":13028,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,2683],"tags":[651,899,1812,1813,579],"class_list":{"0":"post-13027","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-cars","10":"tag-hack","11":"tag-model-s","12":"tag-remote-hack","13":"tag-tesla"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/tesla-remote-hack\/13027\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/tesla-remote-hack\/7671\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/tesla-remote-hack\/7675\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/tesla-remote-hack\/7696\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/tesla-remote-hack\/9118\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/tesla-remote-hack\/8977\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/tesla-remote-hack\/13128\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/tesla-remote-hack\/2423\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/tesla-remote-hack\/6082\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/tesla-remote-hack\/5410\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/tesla-remote-hack\/8739\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/tesla-remote-hack\/12654\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/tesla-remote-hack\/13128\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/tesla-remote-hack\/13027\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/tesla-remote-hack\/13027\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/cars\/","name":"Cars"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13027","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/421"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=13027"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13027\/revisions"}],"predecessor-version":[{"id":30150,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/13027\/revisions\/30150"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/13028"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=13027"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=13027"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=13027"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}