Hacking a car from the sky turned out to be not such an unrealistic task. Experts Ralf-Philipp Weinmann and Benedikt Schmotzle demonstrated this using the Tesla Model X as an example. For this purpose, they used a DJI Mavic 2 drone and a Wi-Fi dongle.
In the attack, experts exploited vulnerabilities in a component called ConnMan, which is used to manage network connections and can be connected via Wi-Fi. Using these vulnerabilities, Weinman and Schmotzle were able to execute commands in the Tesla infotainment system.
The specialists limited themselves to remotely opening the car doors, but if an attacker had taken advantage of the vulnerabilities, things could have been much worse. According to Weinman and Schmotzle, a criminal could compromise a parked car, take over control of its infotainment system and perform various actions – unlock doors and trunk, change seat positions, steering and acceleration modes, or inject malicious firmware that turns Tesla into an access point. which could be used to operate other Tesla vehicles in the vicinity.
As noted, vulnerabilities in ConnMan were fixed in October last year. A video with detailed technical information and a demonstration of the hack is presented below.
See how to protect yourself here