Tesla fixes security bugs after claims of Model S hack

Tesla said it was able to remedy the bugs uncovered by Tencent using an over-the-air fix to its vehicles

Signage is displayed outside of Tesla Motors before the Tesla Energy Powerwall Home Battery event in Hawthorne, California. PHOTO: REUTERS

Tesla Motors has rolled out a security patch for its electric cars after Chinese security researchers uncovered vulnerabilities they said allowed them to remotely attack a Tesla Model S sedan.

The automaker said that it had patched the bugs in a statement to Reuters on Tuesday, a day after cyber-security researchers with China's Tencent disclosed their findings on their blog. Interest in car hacking has surged since Fiat Chrysler last year recalled 1.4 million US vehicles to fix onboard software bugs uncovered by two researchers. They demonstrated that they were able to gain remote control of a Jeep traveling at high speeds in a dramatic video posted on Wired.com.

Tesla probes Dutch fatal crash, says auto-pilot not on

Tesla said it was able to remedy the bugs uncovered by Tencent using an over-the-air fix to its vehicles, which saved customers the trouble of visiting dealers to obtain the update. Tencent's Keen Security Lab said on its blog that its researchers were able to remotely control some systems on the Tesla S in both driving and parking modes by exploiting the security bugs that were fixed by the automaker.


The car was amongst the fleet of vehicles taking part in Tesla’s ‘Electric Road Trip’ in France PHOTO: REUTERS


The blog said that Tencent believed its researchers were the first to gain remote control of a Tesla vehicle by hacking into an onboard computer system known as a CAN bus. In a demonstration video, Tencent researchers remotely engaged the brake on a moving Tesla S, turned on its windshield wipers and opened the trunk.

"We have verified the attack vector on multiple varieties of Tesla Model S," the blog said. "It is reasonable to assume that other Tesla models are affected." Tesla said it pushed out an over-the-air update to automatically update software on its vehicles within 10 days of learning about the bugs.

Tesla probes Dutch fatal crash, says auto-pilot not on

"Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly," the statement said. It said the attack could only be triggered when a Tesla web browser was in use and the vehicle was close enough to a malicious Wi-Fi hot spot to connect to it.
Load Next Story