OVMS v3 v3.2.001 Over-the-Air firmware update

Today, we are pleased to release v3.2.001 to Early Access Program (EAP) participants. This is the first public v3.2 version, and it introduces an entirely new scripting framework based on an embedded JavaScript engine. Custom JavaScript modules and functions can now be written to respond to system events. In addition, a host of other UI changes and enhancements have been made.

A summary of the major changes is here:

Vulnerability Announcement: Tesla Roadster vulnerable to brute-force unlock via CAN bus

SUMMARY

The Tesla Roadster instrumentation CAN bus (running at 1MHz) supports a CAN bus message to lock/unlock the car as well as enable/disable valet mode. Authentication on this message is via a simple user PIN code, which is typically 4 digits (but can be up to 8 digits).

It appears that this is vulnerable to a brute-force attack, as there is no rate limiting on reception/interpretation of that message.

TECHNICAL DETAILS

The CAN bus message is:

Vulnerability Announcement: Tesla Roadster vulnerable to sniffing of security PIN code via CAN bus

SUMMARY

The Tesla Roadster instrumentation CAN bus (running at 1MHz) supports a CAN bus message to lock/unlock the car as well as enable/disable valet mode and change the PIN. Authentication on this message is via a simple user PIN code, which is typically 4 digits (but can be up to 8 digits).

This PIN code is usually entered on the VDS by the user, and then transmitted in plain text on the instrumentation CAN bus to the VMS.

TECHNICAL DETAILS

The CAN bus message used to lock/unlock the car and enable/disable valet mode is:
