DoS exploit plays havoc with Tesla HUD

A security researcher has praised electric sports car maker Tesla for its prompt response to a web-based denial-of-service (DoS) attack he uncovered.

Jacob Archuleta ‘Nullze’ discovered the DoS vulnerability (CVE-2020-10558) after investigating the Tesla Model 3’s web interface.

After some trial an error, he discovered that it was possible for an attacker to crash the Chromium-based interface after tricking drivers into visiting a specially crafted web page.

Improper process separation made it possible for the malicious web page to disable the speedometer, web browser, climate controls, turn signals, navigation, autopilot notifications, and other miscellaneous functions from the main screen of the Tesla 3.

Driven by previous research

The avenue of attack was inspired by Team Flouroacetate, a research duo who discovered a just-in-time (JIT) bug in the browser of a Tesla Model 3 during a Pwn2Own competition last year

Richard Zhu and Amat Cama harnessed the flaw to display their own message on the Tesla 3’s infotainment system, whereas Archuleta’s hack crashed the interface completely.

Neither hack posed a physical safety risk. The exploit discovered by Archuleta, for example, does not inhibit a driver’s ability to manually take over the system.

Auto-update

After reporting the DoS vulnerability through Tesla’s bug bounty program, hosted by Bugcrowd, Archuleta worked with car manufacturer’s security team to get the issue resolved.

The security flaw in the driving interface of Tesla Model 3 vehicles is resolved in versions 2020.4.10 and above of the software.

The Daily Swig understands that this update is automatically applied, but Tesla is yet to respond to a request to confirm this point.

Archuleta has put together a write-up of his hack, complete with demonstration videos.

In response to questions from The Daily Swig, the researcher said he was exploring the field of car hacking.

“I earned some money from Tesla through Bugcrowd,” Archuleta explained. “I am attempting to learn more on it, but right now I wouldn’t consider myself an expert in the field.”

“I have also done some RF research with a HackRF for attacks, inspired by @samykamkar's [Samy Kamkar’s] work,” he added.


YOU MIGHT ALSO LIKE Tesla bug uncovered after minor accident