Scary remote over WiFi bug. Tesla fixed with 2019.36.2 over air update.https://keenlab.tencent.com/en/2020/01/02/exploiting-wifi-stack-on-tesla-model-s/ …
-
-
Replying to @WeldPond
An impressive feat! But just to be clear, this involves an attacker that is connected to the same WiFi network as the car, correct?
1 reply 0 retweets 0 likes -
Replying to @wdormann
Its not completely clear: 1. The attacker sends DEAUTH frames to all the AP nearby. 2. When Tesla reconnects to AP, the attacker gets the MAC address of Tesla. 3. Spray the fake pointer, then trigger the vulnerability in firmware by directly send corrupt Action Frame.
1 reply 1 retweet 0 likes -
Replying to @WeldPond
It's this part that seems to make it clear. Sending a WMM response to the Tesla isn't something I'd think that an outsider could do.pic.twitter.com/kykToEVCTL
1 reply 0 retweets 1 like -
Unless the buried lede here is that a Tesla will automatically connect to an open-authentication AP, or an AP with a known-to-others SSID and/or authentication. In which case, the deauth might trigger the Tesla to connect to the attacker's AP.
2 replies 0 retweets 1 like
This may apparently be true? From: https://teslatap.com/articles/wifi-guide-and-troubleshooter-for-tesla-vehicles/ … Also, I have to chuckle about the single quote thing, also if true.pic.twitter.com/l8ZAnOnXvw
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.