Tuesday, December 3, 2024
HomeCVE/vulnerabilityA Critical Vulnerability in Tesla Model S Let Hackers Clone The Car...

A Critical Vulnerability in Tesla Model S Let Hackers Clone The Car Key Within 2 Seconds & Steal Car

Published on

SIEM as a Service

New cryptographic vulnerability in Tesla Model S key fob’s encryption allows hackers to clone the key and steal the car without touching the owners key.

Lennert Wouters, a security researcher from Belgian university KU Leuven and, his team revealed a new technique to bypass the Model S key fob’s encryption in Cryptographic Hardware and Embedded Systems conference in Atlanta.

A year ago, the Same researcher found the critical vulnerabilities in Telsa car let hackers break the Model S’s keyless entry system to unlock the car.

- Advertisement - SIEM as a Service

Soon after Tesla fixed the flaw and created a new version of its key fob but now the spotted another flaw that affected the new key fob.

Compare to the previous one, the new attack is more limited in its radio range and also take a few more seconds to break the system than the previous one.

Cracking the Encryption Keys

According to Wouters, “The vulnerability resides in the Key fob that manufactured by a firm called Pektron, comes down to a configuration bug that vastly reduces the time necessary to crack its encryption”

In the previous version, the 40-bit encryption key was to used that can be easily cracked by hackers to gain the key access. later, Tesla and Pektron’s upgrade the key strength to 80 bit which is extremely hard to crack.

But the new open the door for hackers to break the 80-bit encryption key by split into two 40 bit key.

According to Wired report, “That shortcut makes finding the key only twice as hard as before. “The new key fob is better than the first one, but with twice the resources, we could still make a copy, basically,”

To execute the attack, Proxmark and Yard Stick One radios and a Raspberry Pi minicomputer can be used to capture the radio signal from a parked Tesla and eventually used to spoof the car communication with the owner’s key fob.

Researcher demonstrates the attack by recording and breaking the encryption on the key fob’s response to derive the fob’s cryptographic key in less than two seconds to unlock the car.

According to the Tesla spokesperson,’ “there is no evidence that the key-cloning technique has been used in any thefts. “While nothing can prevent against all vehicle thefts, Tesla has deployed several security enhancements, such as PIN to Drive, that makes them much less likely to occur,”

Tesla implemented the same fix to key fobs for all new Model S vehicles last month, so anyone who bought a Model S since then doesn’t need to update. Other vehicles like the Model X and Model 3 aren’t affected, Wouters said.

This time Tesla pushing out an over-the-air update to the key fobs via cars’ internet connections instead of replacing hardware.

Lennert Wouters disclosed it in April of this year and Tesla rewarded him $5,000 under bug bounty for reporting this vulnerability.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and Hacking News updates.

Also Read:

Pwn2Own 2019 – Tesla Car Internet Browser Hacked – Hackers Won the Car & $545,000 in Total – Day 3

Ex-Tesla Employee Sued for Uploading an Autopilot Source Code to his iCloud and Shipped to China

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Threat Actors Allegedly Claims Breach of EazyDiner Reservation Platform

Reports have emerged of a potential data breach involving EazyDiner, a leading restaurant reservation...

Salesforce Applications Vulnerability Could Allow Full Account Takeover

A critical vulnerability has been discovered in Salesforce applications that could potentially allow a...

TP-Link HomeShield Function Vulnerability Let Attackers Inject Malicious Commands

A significant vulnerability has been identified in TP-Link's HomeShield function, affecting a range of...

ElizaRAT Exploits Google, Telegram, & Slack Services For C2 Communications

APT36, a Pakistani cyber-espionage group, has recently upgraded its arsenal with ElizaRAT, a sophisticated...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Salesforce Applications Vulnerability Could Allow Full Account Takeover

A critical vulnerability has been discovered in Salesforce applications that could potentially allow a...

TP-Link HomeShield Function Vulnerability Let Attackers Inject Malicious Commands

A significant vulnerability has been identified in TP-Link's HomeShield function, affecting a range of...

HPE IceWall Flaw Let Attackers cause Unauthorized Data Modification

Hewlett Packard Enterprise (HPE) has issued an urgent security bulletin addressing a critical vulnerability...