Hackers could use Tesla's diagnostic port to cut off vehicle power

According to foreign media reports, if Tesla's in-vehicle Bluetooth diagnostic module is connected to the Internet, it may provide hackers with an opportunity to exploit.

"Tesla vehicles do not have a traditional OBDII onboard diagnostic port, and their models have their own unique diagnostic interface (X427)," Ken Munro, partner and founder of Pen Test Partners, wrote in a blog post.

He added that when a traditional OBDII module doesn't work, users may be able to use an ELM327 Bluetooth that analyzes traffic and reads CAN messages, allowing users to view vehicle-related information such as power, battery status, temperature and voltage.

But Tesla's ELM327 module has a static, unchanging Bluetooth PIN (1234). Munro said many Tesla drivers keep the module plugged in their car so they can use their phone to read the vehicle's status at any time.

In the demonstration, Munro and a colleague started the Bluetooth module's networking. He said: "We tried to probe the CAN and copied the current information, but used random message lengths and information content. Guess what happened? We quickly received a large number of error messages, the front and rear motors stopped one after another, and finally the vehicle lost power."

Munro added that the steering wheel and brakes remained operable throughout the process, and everything returned to normal after the vehicle was restarted.

Munro said they will conduct further tests to identify CAN traffic in order to cut off the battery switch. He warned that if the driver leaves the interface in the car (Tesla or other brands of vehicles), Bluetooth or other devices will expose security vulnerabilities.