A group of researchers from Technical University (TU) Berlin have uncovered a vulnerability in AMD-based vehicle infotainment systems that allows attackers to unlock restricted vehicle features.
This is most noteworthy in vehicles that offer premium features behind a paywall, including Tesla which has one of the (if not the) most extensive systems of its type, though the automaker is not alone in charging for optional extras – with BMW also hitting headlines in recent months over subscription models to commodities like heated seats.
The team says that “hacking the embedded car computer could allow users to unlock these features without paying.”
Tesla jailbreak
There are two distinct concerns at bay. Firstly, an “unpatchable AMD-based Tesla Jailbreak” allows an attacker to run arbitrary software on the in-car display. Secondly, the extraction of a vehicle-unique hardware-bound RSA key allows an attacker to authenticate a car and open it up to Tesla’s services.
According to those behind the discovery, a voltage fault injection attack was carried out on the AMD Ryzen SoC used in Tesla’s MCU-Z.
It’s unclear which chargeable options can be accessed via an attack, however in an email to Tom’s Hardware, the TU Berlin researchers said that not all software upgrades are accessible. Depending on the model and year, upgrades can range from extras like heated rear seats to acceleration boosts, and full self-driving capabilities.
Tesla dissolved its press department in 2020, so much like Twitter, hearing news from the mouth of Elon Musk is about the only way to separate fact from fiction. Still, the automaker has not publicly commented on the vulnerability as yet.