Security News > 2022 > June > Hacking Tesla’s Remote Key Cards

Hacking Tesla’s Remote Key Cards
2022-06-14 12:19

Martin Herfurt, a security researcher in Austria, quickly noticed something odd about the new feature: Not only did it allow the car to automatically start within 130 seconds of being unlocked with the NFC card, but it also put the car in a state to accept entirely new keys­with no authentication required and zero indication given by the in-car display.

"The authorization given in the 130-second interval is too general [it's] not only for drive," Herfurt said in an online interview.

"This timer has been introduced by Tesla in order to make the use of the NFC card as a primary means of using the car more convenient. What should happen is that the car can be started and driven without the user having to use the key card a second time. The problem: within the 130-second period, not only the driving of the car is authorized, but also the [enrolling] of a new key."


News URL

https://www.schneier.com/blog/archives/2022/06/hacking-teslas-remote-key-cards.html