Researchers from the Technical University of Berlin claim to have discovered a hardware exploit in Tesla’s infotainment system that could unlock paid upgrades, including Full Self-Driving (FSD) and other features, for free. The exploit involves a technique called voltage glitching, where the supply voltage to the infotainment system’s processor is manipulated at the right moment, tricking the CPU into accepting manipulated code.
The process requires physical access to a Tesla vehicle, making it a hardware exploit. Once unlocked, the researchers assert that FSD and other features could be enabled even in regions where Tesla has not yet made them available. The team will present its findings at the Black Hat cybersecurity conference.
In addition to unlocking paid features, the researchers claim to have obtained the encryption key that authenticates the car over Tesla’s network, potentially granting them access to unlock more features. They also managed to extract personal information from the test car, such as GPS locations, contacts, call logs, and calendar appointments.
Unlike software exploits that can be remotely patched, this hardware-based approach would make it more challenging for Tesla to revoke the exploit. The researchers suggest that Tesla would need physical access to the car, making it a more persistent threat.
Over the years, hackers have attempted to unlock paid Tesla features, and while some efforts have been successful, Tesla has been working to counter such attempts. The company has been engaged in a cat-and-mouse game with hackers, but this hardware exploit presents a unique challenge that may require more effort to address. As of now, Tesla has not provided a comment on the matter.
