• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Severe Hikvision HikCentral product flaws: What You Need to Know

 | 

U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

 | 

Google addressed two Android flaws actively exploited in targeted attacks

 | 

U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

 | 

Android droppers evolved into versatile tools to spread malware

 | 

Jaguar Land Rover shuts down systems after cyberattack, no evidence of customer data theft

 | 

Cloudflare blocked a record 11.5 Tbps DDoS attack

 | 

Palo Alto Networks disclosed a data breach linked to Salesloft Drift incident

 | 

Von der Leyen’s plane hit by suspected Russian GPS Jamming in Bulgaria, landed Safely

 | 

Supply-chain attack hits Zscaler via Salesloft Drift, leaking customer info

 | 

Crooks exploit Meta malvertising to target Android users with Brokewell

 | 

North Korea’s APT37 deploys RokRAT in new phishing campaign against academics

 | 

Fraudster stole over $1.5 million from city of Baltimore

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 60

 | 

Security Affairs newsletter Round 539 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

Amazon blocks APT29 campaign targeting Microsoft device code authentication

 | 

Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships

 | 

New zero-click exploit allegedly used to hack WhatsApp users

 | 

US and Dutch Police dismantle VerifTools fake ID marketplace

 | 

Experts warn of actively exploited FreePBX zero-day

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Breaking News
  • Hacking
  • Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle

Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle

Pierluigi Paganini May 02, 2021

A security duo has demonstrated how to hack a Tesla Model X’s and open the doors using a DJI Mavic 2 drone equipped with a WIFI dongle.

The scenario is disconcerting, hackers could use a drone to fly on your Tesla Model X and open the doors, a couple of researchers demonstrated.

The researchers Kunnamon, Inc.’s Ralf-Philipp Weinmann and Comsecuris GmbH’s Benedikt Schmotzle have discovered remote zero-click flaws in the vehicle and exploited them using a DJI Mavic 2 drone equipped with a WIFI dongle.

The vulnerabilities reside in the ConnMan open-source software component used in Tesla cars, the experts explained that they have exploited them to “compromise parked cars and control their infotainment systems over WiFi.”

The duo called the hack TBONE and presented it at the CanSecWest 2021 Conference, below the video of the presentation:

Weinmann and Schmotzle explained that the ConnMan is also widely used in infotainment systems of other carmakers, for this reason they engaged German CERT and other actors of the automotive industry. A new version of ConnMan (v1.39) has been released in February 2021.

“Looking at the fact TBONE required no user interaction, and ease of delivery of the payload to parked cars, we felt this attack was ‘wormable’ and could have been weaponized”, says Kunnamon CEO Ralf-Philipp Weinmann. “Adding a privilege escalation exploit such as CVE-2021-3347 to TBONE would allow us to load new Wi-Fi firmware in the Tesla car, turning it into an access point which could be used to exploit other Tesla cars that come into the victim car’s proximity. We did not want to weaponize this exploit into a worm, however.”

The duo was planning to present the attack at the PWN2OWN 2020 hacking contest, but since it was moved online due to the COVID19 pandemic they opted to privately report the issues to the carmaker.

Going into details the vulnerabilities could be exploited by remote attackers to compromise parked cars gain control of the infotainment system over WIFI, then it is possible to lock/unlock the trunk and doors, modify seat positions and steering/acceleration modes, and change air conditioning settings and temperature.

“It would be possible for an attacker to unlock the doors and trunk, change seat positions, both steering and acceleration modes – in short, pretty much what a driver pressing various buttons on the console can do. This attack does not yield drive control of the car though.” reads the post publishe by the experts.

The good news is that the vulnerabilities cannot be exploited by attackers to take remote control of the vehicle.

“We emulated Tesla’s ConnMan entirely in our own emulator – KunnaEmu. KunnaEmu’s emulation is accurate enough to allow for the exploit to be successful as-is on actual Tesla hardware.”, concluded Dr. Weinmann. “Automotive manufacturers can scale up their software testing and remediation pipelines by orders of magnitude by using KunnaEmu. Our mission at Kunnamon is to bring the power of cloud computing and emulation for testing embedded automotive systems, at scale.”

Tesla is yet to provide a comment on the researchers’ findings.

It is not the first time that hackers demonstrated the hack of a Tesla, in November 2020, a team of researchers from the Computer Security and Industrial Cryptography (COSIC) group at the KU Leuven University in Belgium demonstrated how to steal a Tesla Model X in minutes by exploiting vulnerabilities in the car’s keyless entry system.

In July 2019, the security researcher Sam Curry has earned $10,000 from Tesla after reporting a stored cross-site scripting (XSS) flaw that could have been exploited to obtain vehicle information and potentially modify it.

In March 2019, during the Pwn2Own 2019 hacking competition, the security experts Amat Cama and Richard Zhu of team Fluoroacetate, earned $35,000 for their exploit, along with the Tesla they hacked. The white hat hackers managed to display a message on the car’s web browser by exploiting a just-in-time (JIT) issue in the renderer component.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Tesla)

[adrotate banner=”5″]

[adrotate banner=”13″]


facebook linkedin twitter

Car hacking cyber security news Cybersecurity Drone Hacking hacking news Information Security information security news malware Pierluigi Paganini Security News SecurityAffairs Tesla Model X

you might also like

Pierluigi Paganini September 04, 2025
Severe Hikvision HikCentral product flaws: What You Need to Know
Read more
Pierluigi Paganini September 04, 2025
U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Severe Hikvision HikCentral product flaws: What You Need to Know

    Hacking / September 04, 2025

    U.S. CISA adds TP-Link Archer C7(EU) and TL-WR841N flaws to its Known Exploited Vulnerabilities catalog

    Hacking / September 04, 2025

    Crooks turn HexStrike AI into a weapon for fresh vulnerabilities

    Cyber Crime / September 03, 2025

    Google addressed two Android flaws actively exploited in targeted attacks

    Security / September 03, 2025

    U.S. CISA adds WhatsApp, and TP-link flaws to its Known Exploited Vulnerabilities catalog

    Hacking / September 03, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT