Monday, December 23, 2024

Teen Security Specialist gains remote control of over 20 Teslas

Teen Gains Full control over car doors, security system, and more

Facepalm: This week, a teenager reported that he has gained remote access to around two dozen Tesla cars in multiple countries and is trying to contact their owners. The list of things he can do to the affected vehicles is long and dangerous.

Nineteen-year-old IT security specialist David Columbo reported in a Twitter thread Monday and Tuesday 10th-11th Jan 2022, that he gained complete control of over 25 Teslas in 13 countries without their owners knowing. He doesn’t want to disclose exactly how he did it until he reports the vulnerability to the non-profit Mitre. However, Columbo did say it was due to errors on the owners’ part, not a security flaw in Tesla’s software.

Columbo said he could search the precise location of each car, disable their security, open their doors and windows even while they’re on the road, play music and YouTube videos at full volume, and more. While Columbo can’t remotely drive the cars, he could steal them if he were at their physical locations.

Tesla’s security team has already told Columbo they’re looking into it.

Even though Columbo says this isn’t Tesla’s fault, it could still be a PR issue for the company, painting the cars as ever more vulnerable in consumers’ minds. Near the end of last year, Tesla recalled a significant number of vehicles sold in the US over trunk lid problems. This incident could also affect the development of Tesla’s self-driving mode, which is still in beta.

Recommended:  CISA Adds Another 95 Flaws to its Actively Exploited Vulnerabilities Catalog

Real InfoSecurity reached out to Tesla this evening and was able to confirm the correspondence between the security researcher and Tesla.

We think you may enjoy reading,

Return to cybersecurity news

Bookmark
Please login to bookmarkClose
Share the word, let's increase Cybersecurity Awareness as we know it
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

Steven Black (n0tst3)
Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK. I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated... I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK. I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

more infosec reads

Subscribe for weekly updates

explore

more

security