This was done by a group of researchers from the Technical University (TU) of Berlin uncovered a vulnerability in AMD-based vehicle infotainment systems that allows attackers to unlock restricted vehicle functions.
This is most notable in vehicles that offer premium features behind a paywall, including Tesla, which has one of (if not the) most comprehensive systems of its kind, though the automaker isn’t alone in charging for optional extras – and BMW has also been making headlines in recent months over subscription models to commodities like heated seats.
The team says that “hacking the car’s built-in computer could allow users to unlock these features without paying.”
Tesla jailbreak
There are two different remote concerns. First, an “unpatchable AMD-based Tesla Jailbreak” allows an attacker to run arbitrary software on the in-car display. Second, the extraction of a vehicle-unique hardware-bound RSA key allows an attacker to authenticate and open up a car to Tesla’s services.
According to those behind the discovery, a voltage error injection attack was carried out on the AMD Ryzen SoC used in Tesla’s MCU-Z.
It’s unclear which paid options can be accessed through an attack, however, in an email to Tom’s hardware, the TU Berlin researchers said that not all software upgrades are accessible. Depending on the model and year, upgrades can range from extras such as heated rear seats to acceleration boosts and full self-driving capabilities.
Tesla disbanded its press department in 2020, just like Twitter, hearing news from the mouth of Elon Musk is about the only way to separate fact from fiction. However, the automaker has not yet publicly commented on the vulnerability.