HomeCyber SecurityHacked at Pwn2Own, Tesla Loses $1 million and Model 3 to Hackers

Hacked at Pwn2Own, Tesla Loses $1 million and Model 3 to Hackers

Tesla Hacked at Pwn2Own: A Vulnerability Uncovered

Tesla Hacked – PWN2OWN – On May 2023, Tesla recently encountered a significant cyber security challenge during the Pwn2Own conference, a platform where hackers showcase their prowess by exploiting vulnerabilities in various systems. Despite Tesla’s ongoing commitment to cybersecurity, the electric vehicle giant was successfully hacked, with the perpetrators walking away with both a hefty $100,000 prize and a compromised Model 3.

Tesla Hack – For years, Tesla has actively engaged with whitehat hackers, investing heavily in cybersecurity measures to fortify its systems. The Pwn2Own hacking competition has become a stage for testing the resilience of vehicles, especially Tesla’s, and this year was no different. The Zero Day Initiative, the organization behind Pwn2Own, confirmed the successful breach, revealing that the hackers managed to compromise the Tesla Model 3 brought to the event.


Synacktiv’s Team Gaining Root Access and Full Car Takeover

Synacktiv, the hacking team responsible for the exploit, shared details of their accomplishment. They successfully gained root access to Tesla’s system, achieving a comprehensive “take over” of the entire car.

Tesla Model 3 test rig by Synacktiv Team
Tesla Model 3 test rig by Synacktiv Team

Operating from a hotel room, the team utilized a Time-of-Check-to-Time-of-Use (TOCTTOU) exploit, specifically targeting the infotainment system through Bluetooth. This type of exploit involves a file-based race condition, challenging Tesla’s security protocols.


The TOCTTOU Exploit: Unraveling the Security Gap

The Pwn2Own team highlighted the significance of the TOCTTOU exploit, emphasizing its potential impact on Tesla’s security. This vulnerability occurs when a resource is checked for a specific value, but that value changes before the resource is utilized, creating a potential security gap. Synacktiv’s success in this endeavor could have allowed for a full chain takeover of the Tesla Model 3:

Tesla’s Response and the Path Forward: Strengthening Security Measures

Tesla, known for its proactive approach to cyber security, is expected to receive detailed insights from the whitehat hackers involved. These findings aim to assist the company in further enhancing the security of its products. This Tesla Hack incident underscores the ongoing challenges and evolving threats in the realm of automotive cybersecurity, prompting continuous vigilance and adaptation within the industry.

A cybersecurity practitioner with more than 5 years of experience in the cybersecurity world. Has an interest in creating simple blog websites, learning about SEO and graphic design, writing, AI, and understanding the concepts of journalism. Intentionally created this website to make the world of cybersecurity more engaging by combining it with journalistic principles and presenting cybersecurity stories that are easy to understand, which can help anyone who wants to develop in the cybersecurity world.




Please enter your comment!
Please enter your name here

fifteen − 13 =

Most Popular


- Advertisement -