From Tom's Hardware: Teslas are among the most popular electric cars on the market, which makes them an easy target for hackers. Now, a team of security researchers from TU Berlin has found a way to exploit or "jailbreak" the MCU found in modern Tesla vehicles to unlock paid features and more. To execute the attack, the researchers exploited a known flaw in AMD's processor that controls Tesla's MCU.
In Tesla parlance, MCU stands for Media Control Unit, and it controls the touch screen, navigation, and entertainment systems. MCU0/1 refers to the first generation (Nvidia Tegra-based), while MCU2 is the second generation (Intel Atom). MCU-Z refers to the third generation based on a custom AMD Ryzen SoC. MCU-Z is the subject of the researchers' attention.
According to the researchers, they used a voltage fault injection attack (a certain class of attacks) against the MCU-Z. This class of attacks is also known as 'voltage glitching,' and is a known attack point for Zen 2- and Zen 3-based processors; it also affects the Ryzen SoC used in Tesla's MCU-Z. Utilizing multiple connections to the power supply, BIOS SPI chip, and SVI2 bus, the researchers performed a voltage fault injection attack on the MCU-Z's Platform Security Processor. With a successful attack, objects stored in the Trusted Platform Module (TPM) can be decrypted.
View: Full Article