Gary Zhou 
Key Points
- 🔒 Researchers from Technische Universität Berlin jailbroke their Tesla Model 3 to bypass upgrade costs.
- ⚡ “Voltage glitching” was used to manipulate the processor and enable rear-heated seats without paying $300.
- 🛡️ The researchers also extracted the description key for car authentication on Tesla’s network.
- 🚨 The hack allowed access to critical personal information, including calendar appointments and WiFi passwords.
- 💰 Tesla offers cash prizes and rewards for security researchers finding vulnerabilities in their systems.
A team of researchers from Technische Universität Berlin successfully jailbroke their Tesla Model 3 to bypass upgrade costs for features like rear-heated seats and other vehicle add-ons. They plan to present their techniques at a cybersecurity conference in Las Vegas.
The researchers utilized a method known as “voltage glitching” to manipulate the supply voltage of the AMD processor in the Model 3’s infotainment system. By doing this at the right moment, they could trick the CPU into accepting manipulated code, enabling them to activate the rear-heated seats and avoid paying additional fees.
However, their accomplishments went beyond simply unlocking the rear-heated seats. They were also able to extract the description key responsible for authenticating the car in Tesla’s network. This allowed them to access critical personal information, including recent calendar appointments, contact lists, call logs, WiFi passwords, and even the vehicle’s location history.
This security vulnerability could attract Tesla’s attention, as the company has encouraged security researchers to identify weaknesses in its systems and has offered significant rewards for those who successfully expose cybersecurity flaws. In the past, other hacking groups have gained access to Tesla vehicles by exploiting internal files to access the vehicle’s systems, highlighting the importance of maintaining robust cybersecurity measures.
