30+ Tesla Cars Hacked Using Third-Party Software
A security researcher identified a vulnerability in TeslaLogger, a third-party tool used to collect data from Tesla vehicles, that stemmed from insecure default settings which could be exploited to gain unauthorized access to TeslaLogger instances.
He reported the issue to the TeslaLogger maintainer, who took steps to mitigate it. It is important to note that this vulnerability does not reside inside Tesla vehicles or Tesla's infrastructure.
The vulnerabilities were found in TeslaLogger, an open-source data logger for Tesla vehicles, while the researcher was looking for interesting car-related projects.
After installing it on his computer using Docker, the researcher used nmap to identify the running services: the MariaDB database (port 3306), the Grafana visualization tool (port 3000), and an admin panel (port 8888).
Intrigued by MariaDB and Grafana, he used DBeaver to connect to the database with the default credentials found in the project repository and, hoping to extract the Tesla vehicle API key, ran a SQL query to retrieve all data from the 'vehicles' table.
A broader weakness exists in Tesla integrations that make use of the Tesla API: compromised Tesla tokens, including access tokens and refresh tokens, grant an attacker full remote control over a vehicle.
While Tesla's API employs Role-Based Access Control (RBAC), Tesla logger applications often request excessive permissions, allowing an attacker holding the API key to manipulate the vehicle's state (e.g., adding drivers, unlocking doors, controlling the climate).
This issue persists even when the database is not exposed, as other methods of obtaining API keys exist. Certain Tesla logger implementations on Raspberry Pi devices further exacerbate the problem by negligently exposing the API key.
Harish SG found a vulnerable Grafana dashboard with default credentials, allowing access to Tesla API tokens. TeslaLogger, a third-party tool used for Tesla data logging, was vulnerable because it stored credentials in plain text and shipped with insecure default configurations.
By exploiting these weaknesses, he identified over 30 TeslaLogger instances vulnerable to remote attacks, potentially granting control of Tesla vehicles, and responsibly reported the findings to the TeslaLogger developer after locating their contact information.
He disclosed a vulnerability in TeslaLogger, a third-party tool for Tesla vehicles, that could have allowed attackers to steal Tesla API credentials if they compromised the TeslaLogger database.
He worked with the TeslaLogger maintainer to fix the issue, which involved encrypting the API credentials in the database and adding authentication to the admin panel. He did not report the issue directly to Tesla because of an unhelpful response he had received from Tesla in the past regarding a similar issue with another third-party tool.
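The three weaknesses described above (default credentials, database and dashboard ports reachable from the network, and API tokens stored in plain text) are all things an operator of a self-hosted logger can check before exposing it. The following is an added example written for this article, not TeslaLogger's own code: a small stdlib-only audit that runs those checks against a constructed environment, port list and in-memory SQLite table. `GF_SECURITY_ADMIN_PASSWORD` and `MYSQL_ROOT_PASSWORD` are the real Grafana and MariaDB image variables; `ADMIN_PANEL_AUTH`, the `vehicles` table with a `tesla_token` column, the `enc:` prefix marking an encrypted value, and all sample values are assumptions made for the example.

```python
"""Defensive audit for a self-hosted TeslaLogger-style deployment.

Added example, not TeslaLogger's own code. It checks the weaknesses the
article describes: weak default credentials, sensitive services bound to all
interfaces, and API tokens stored in plain text in the database. All sample
data is constructed; the table/column names and the 'enc:' prefix are assumptions.
"""
import re
import sqlite3

# Constructed sample environment (placeholder values, not from any real repo).
SAMPLE_ENV = {
    "MYSQL_ROOT_PASSWORD": "changeme",
    "GF_SECURITY_ADMIN_USER": "admin",
    "GF_SECURITY_ADMIN_PASSWORD": "admin",
    "ADMIN_PANEL_AUTH": "off",          # hypothetical toggle for the admin panel
}

# Constructed docker-compose style mappings (host_ip:host_port:container_port).
SAMPLE_PORTS = ["0.0.0.0:3306:3306", "0.0.0.0:3000:3000", "127.0.0.1:8888:8888"]

WEAK_PASSWORDS = {"admin", "changeme", "password", "root", "secret", ""}
DISABLED_VALUES = {"off", "false", "0", "no", ""}
SENSITIVE_PORTS = {"3306": "MariaDB", "3000": "Grafana", "8888": "admin panel"}

# Heuristic for a token kept as-is: JWT-shaped or a 64-hex secret (assumption).
PLAINTEXT_TOKEN = re.compile(r"^(eyJ[\w-]+\.[\w-]+\.[\w-]+|[0-9a-f]{64})$")


def find_default_credentials(env):
    """Return env keys that still carry a weak password or a disabled auth switch."""
    hits = []
    for key, value in env.items():
        if "PASSWORD" in key and value.lower() in WEAK_PASSWORDS:
            hits.append(key)
        elif key.endswith("_AUTH") and value.lower() in DISABLED_VALUES:
            hits.append(key)
    return sorted(hits)


def find_public_bindings(ports):
    """Return 'service:port' for sensitive services reachable on every interface.

    A mapping without a host IP ("3000:3000") binds all interfaces in Docker.
    """
    findings = []
    for mapping in ports:
        parts = mapping.split(":")
        if len(parts) == 3:
            host_ip, host_port = parts[0], parts[1]
        else:
            host_ip, host_port = "0.0.0.0", parts[0]
        if host_ip in ("0.0.0.0", "") and host_port in SENSITIVE_PORTS:
            findings.append(f"{SENSITIVE_PORTS[host_port]}:{host_port}")
    return findings


def find_plaintext_tokens(conn):
    """Return ids of vehicles rows whose tesla_token is not encrypted at rest."""
    rows = conn.execute("SELECT id, tesla_token FROM vehicles").fetchall()
    return [
        vid for vid, tok in rows
        if tok and not tok.startswith("enc:") and PLAINTEXT_TOKEN.match(tok)
    ]


def build_sample_db():
    """In-memory stand-in for the logger's database with constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE vehicles (id INTEGER PRIMARY KEY, tesla_token TEXT)")
    conn.executemany(
        "INSERT INTO vehicles VALUES (?, ?)",
        [
            (1, "eyJhbGciOiJIUzI1NiJ9.CONSTRUCTED-PAYLOAD.CONSTRUCTED-SIG"),  # plain JWT shape
            (2, "0123456789abcdef" * 4),            # plain 64-hex secret
            (3, "enc:v1:CONSTRUCTED-CIPHERTEXT"),   # encrypted at rest, as the fix requires
            (4, None),                              # no token stored
        ],
    )
    return conn


def audit(env=SAMPLE_ENV, ports=SAMPLE_PORTS, conn=None):
    """Run all three checks and return a findings dict (empty lists mean clean)."""
    conn = conn or build_sample_db()
    return {
        "default_credentials": find_default_credentials(env),
        "public_bindings": find_public_bindings(ports),
        "plaintext_token_ids": find_plaintext_tokens(conn),
    }


if __name__ == "__main__":
    for check, hits in audit().items():
        print(f"{check}: {hits or 'ok'}")
```

Against the constructed sample every check fires: three weak settings, MariaDB and Grafana bound to all interfaces, and two vehicles whose token is readable by anyone who can query the table. Fixing the findings means what the maintainer did: encrypt the token column, require authentication on the panel, and bind the database and dashboard to localhost (or a private network) unless they genuinely need to be reachable.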
Source credit : cybersecuritynews.com