Tesla produced an over-the-air firmware update to mitigate a Gateway ECU vulnerability in its Model S automobile, according to a report with ICS-CERT.
This vulnerability, discovered by Tencent’s Keen Security Lab, is remotely exploitable.
All firmware versions before version 7.1 (2.36.31) with web browser functionality enabled suffer from the issue.
The vulnerability allows the vehicle’s software and driving functions to end up controlled remotely through the web browser, which the user must launch or already running from a previous launch. This allows attackers to gain access to the vehicle’s CAN bus through a firmware validation flaw in the Gateway ECU of the vehicle.
Tesla is a U.S.-based company that maintains offices in several countries around the world, including the U.S., Netherlands, and Japan.
The affected vehicle firmware manages the car’s software and driving functions. According to Tesla, the software is deployed in the Transportation sector. Tesla reports that this product is used primarily in the United States, Europe, and Asia.
The vehicle’s Gateway ECU is susceptible to commands that may allow an attacker to install malicious software allowing the attacker to send messages to the vehicle’s CAN bus.
CVE-2016-9337 is the case number assigned to this vulnerability, which has a CVSS v3 base score of 6.8.
No known public exploits specifically target this vulnerability. In addition, crafting a working exploit for this vulnerability would be difficult. A complex chain of exploits would be mandatory, including a web browser compromise, local privilege escalation, and custom-built firmware.
On September 18, Tesla produced an over-the-air firmware update for vehicles affected by this vulnerability. Owners of the vehicles should update their vehicle to the latest firmware.