Vulnerability Announcement: Tesla Roadster vulnerable to sniffing of security PIN code via CAN bus
SUMMARY
The Tesla Roadster instrumentation CAN bus (running at 1MHz) supports a CAN bus message to lock/unlock the car as well as enable/disable valet mode and change the PIN. Authentication on this message is via simple user PIN code which is typically 4 digits (but can be up to 8 digits).
This PIN code is usually entered on the VDS by the user, and then transmitted in plain text on the instrumentation CAN bus to the VMS.
TECHNICAL DETAILS
The CAN bus message used to lock/unlock the car, and enable/disable valet mode is: