MOTORING NEWS - A Chinese security team has hacked a Tesla Model S and revealed several vulnerabilities in the luxury electric car, US media reported.
CNBC reported on Tuesday that Chinese company Tencent has notified Tesla about the hacks, and that the car company has already put a patch in place to fix the problem. The business news broadcaster said hackers were able to gain access by connecting to a malicious Wi-Fi hotspot and then using the web browser. Keen Security Labs, a unit at Tencent, trumpeted the successful hack in a blog post.
"It is worth to note that we used an unmodified car with latest firmware to demonstrate the attack," the hackers wrote.
"Following the global industry practice on 'responsible disclosure' of product security vulnerabilities, we have reported the technical details of all the vulnerabilities discovered in the research to Tesla. The vulnerabilities have been confirmed by Tesla Product Security Team."
The security snafus are the latest woes for the Tesla's Model S, which saw a driver die in a crash in Florida while using Autopilot earlier this year when the vehicle slammed into a truck.
"Tesla has already deployed an over-the-air software update... that addresses the potential security issues," the company told CNBC.
"The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious Wi-Fi hotspot," Tesla said. "Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly."
The company added: "We commend the research team behind today's demonstration and plan to reward them under our bug bounty programme, which was set up to encourage this type of research."
"It is worth to note that we used an unmodified car with latest firmware to demonstrate the attack," the hackers wrote.
"Following the global industry practice on 'responsible disclosure' of product security vulnerabilities, we have reported the technical details of all the vulnerabilities discovered in the research to Tesla. The vulnerabilities have been confirmed by Tesla Product Security Team."
The security snafus are the latest woes for the Tesla's Model S, which saw a driver die in a crash in Florida while using Autopilot earlier this year when the vehicle slammed into a truck.
"Tesla has already deployed an over-the-air software update... that addresses the potential security issues," the company told CNBC.
"The issue demonstrated is only triggered when the web browser is used, and also required the car to be physically near to and connected to a malicious Wi-Fi hotspot," Tesla said. "Our realistic estimate is that the risk to our customers was very low, but this did not stop us from responding quickly."
The company added: "We commend the research team behind today's demonstration and plan to reward them under our bug bounty programme, which was set up to encourage this type of research."
