30+ Tesla Cars Hacked Using Third-Party Software

by Esmeralda McKenzie

A security researcher identified a vulnerability in TeslaLogger, a third-party tool used to collect data from Tesla vehicles, that leveraged insecure default settings which could be exploited to gain unauthorized access to TeslaLogger instances.

He reported the issue to the TeslaLogger maintainer, who took steps to mitigate it. It is important to note that this vulnerability does not reside within Tesla vehicles or Tesla's infrastructure.


The vulnerabilities were identified in TeslaLogger, an open-source data logger for Tesla vehicles, while the researcher was looking for interesting car projects.

After installing it on his computer using Docker, the researcher used nmap to identify the running services: the MariaDB database (port 3306), the Grafana visualization tool (port 3000), and an admin panel (port 8888).

(Image: Nmap result)

Intrigued by MariaDB and Grafana, he used DBeaver to connect to the database with the default credentials found in the project repository and, hoping to extract the Tesla vehicle API key, ran a SQL query to retrieve all data from the 'vehicles' table.

A vulnerability exists in Tesla integrations that make heavy use of the Tesla API, because compromised Tesla tokens, including access tokens and refresh tokens, grant attackers full remote control over a vehicle.

(Image: Database)

While Tesla's API employs Role-Based Access Control (RBAC), Tesla logger applications often request excessive permissions, allowing attackers to use the API key to manipulate the vehicle's state (e.g., adding drivers, unlocking doors, controlling climate).

This issue persists even if the database isn't exposed, as other methods of obtaining API keys exist. Certain Tesla logger implementations on Raspberry Pi devices further exacerbate the issue by negligently exposing the API key.

(Image: Permissions required to run successfully)

Harish SG found a vulnerable Grafana dashboard with default credentials, allowing access to Tesla API tokens. TeslaLogger, a third-party tool used for Tesla data logging, was vulnerable because it stored credentials in plain text and shipped with insecure default configurations.

By exploiting these weaknesses, he identified over 30 TeslaLogger instances vulnerable to remote attacks, potentially granting control of Tesla vehicles, and responsibly reported the findings to the TeslaLogger developer after finding their contact information.

(Image: Public internet exposure, Censys)

He disclosed a vulnerability in TeslaLogger, a third-party tool for Tesla vehicles, that could have allowed attackers to steal Tesla API credentials if they compromised the TeslaLogger database.

(Image: Findings)

He worked with the TeslaLogger maintainer to fix the issue, which involved encrypting the API credentials in the database and adding authentication to the admin panel. He did not report the issue directly to Tesla because of an unhelpful response he had received from Tesla in the past regarding a similar issue with another third-party tool.
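The first half of the fix described above, encrypting the stored API credentials so that a dumped database no longer yields usable Tesla tokens, is illustrated by the following added example. It is not TeslaLogger's own code and the page does not describe how the maintainer implemented the encryption; the example assumes a secret held outside the database (here a hypothetical `TESLALOGGER_VAULT_SECRET` environment variable), derives an AES-256-GCM key from it, and binds each ciphertext to the car identifier it belongs to, so a token copied between rows or altered by a single bit fails to decrypt. The token values are constructed for the demonstration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"io"
	"os"
)

// TokenVault holds an AES-GCM key derived from a secret that lives outside
// the database, so a SELECT over the token table returns only ciphertext.
type TokenVault struct {
	aead cipher.AEAD
}

// NewTokenVault derives a 256-bit key from the secret with SHA-256.
// Hypothetical helper: the page does not describe TeslaLogger's key handling.
func NewTokenVault(secret string) (*TokenVault, error) {
	if len(secret) < 16 {
		return nil, errors.New("refusing to run with a short or empty vault secret")
	}
	key := sha256.Sum256([]byte(secret))
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &TokenVault{aead: aead}, nil
}

// Seal encrypts a token for storage. carID is passed as additional
// authenticated data, so a ciphertext moved to another car's row is rejected.
// Output is nonce || ciphertext || tag, base64-encoded for a text column.
func (v *TokenVault) Seal(carID, token string) (string, error) {
	nonce := make([]byte, v.aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return "", err
	}
	ct := v.aead.Seal(nonce, nonce, []byte(token), []byte(carID))
	return base64.StdEncoding.EncodeToString(ct), nil
}

// Open decrypts a stored value; any modification or carID mismatch fails.
func (v *TokenVault) Open(carID, stored string) (string, error) {
	ct, err := base64.StdEncoding.DecodeString(stored)
	if err != nil {
		return "", err
	}
	n := v.aead.NonceSize()
	if len(ct) < n {
		return "", errors.New("stored value too short to contain a nonce")
	}
	pt, err := v.aead.Open(nil, ct[:n], ct[n:], []byte(carID))
	if err != nil {
		return "", err
	}
	return string(pt), nil
}

func main() {
	// Hypothetical variable name; the fallback exists only so the demo runs.
	secret := os.Getenv("TESLALOGGER_VAULT_SECRET")
	if secret == "" {
		secret = "example-only-secret-not-for-production"
	}
	vault, err := NewTokenVault(secret)
	if err != nil {
		fmt.Println("vault error:", err)
		return
	}
	// Constructed sample values standing in for a car's Tesla tokens.
	stored, _ := vault.Seal("car-1", "constructed-access-token")
	fmt.Println("value at rest in the database:", stored)
	if _, err := vault.Open("car-2", stored); err != nil {
		fmt.Println("row copied to another car is rejected:", err)
	}
	tok, _ := vault.Open("car-1", stored)
	fmt.Println("decrypted by the application:", tok)
}
```

A fresh nonce per Seal call means two encryptions of the same token differ, so the stored column cannot be used to spot reuse of one token across cars, and the refresh token should be sealed the same way as the access token, since the page notes that either grants full remote control.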

Source credit : cybersecuritynews.com
