
Tesla supports security contests and runs its own bug bounty programme. (Image credit: Tesla)
Share Post
Tesla supports security contests and runs its own bug bounty programme. (Image credit: Tesla)
A team of security researchers called Synacktiv has won $200,000 (approximately Rs. 1,66,16,200) and a brand new Tesla Model 3 for identifying a chain of exploits that could be used by malicious attackers to compromise a Tesla’s CAN (control area network) bus and ECU (electronic control unit). The flaw demonstrated by Synacktiv could theoretically allow an attacker to affect a vehicle’s engine and transmission control, battery management, powertrain, suspension, door and seat controls, telematics, and other critical parameters.
The demonstration took place at the biannual Pwn2Own hacking contest in Vancouver, Canada. The contest is backed by Trend Micro’s Zero Day Initiative, which encourages the discovery and ethical disclosure of security vulnerabilities. Tesla supports such hacking competitions with large prizes, and runs its own bug bounty programme to reward researchers for discovering exploits.
Synacktiv, which is based in France and describes itself as an “offensive security company”, won $100,000 (approximately Rs. 83,08,100) from Tesla in January this year at another Pwn2Own event in Tokyo, Japan for discovering a chain of exploits in Tesla’s infotainment system and a flaw in its modems. In March 2023, it won another Tesla Model 3 and $100,000 for successfully manipulating the Tesla Energy Gateway, which communicates with a Tesla Powerwall home energy storage system and manages how and when to charge a vehicle.
Confirmed!!! The @Synacktiv team used a single integer overflow to exploit the #Tesla ECU with Vehicle (VEH) CAN BUS Control. The win $200,000, 20 Master of Pwn points, and a new Tesla Model 3 (their second!). Awesome work as always. #Pwn2Own #P2OVancouver pic.twitter.com/FcB4fTiOa7
— Zero Day Initiative (@thezdi) March 20, 2024
Tesla’s engagements with white-hat hackers and security researchers show how important cybersecurity is to the company and to the connected vehicle industry at large. Connected cars, particularly entire fleets of them, are tempting targets for malicious attackers, as they could be an easy way to target individuals or cause significant disruption on a large scale.
However, the carmaker was also in the news recently for dismissing a potential threat discovered by researchers at Mysk, who managed to clone a Tesla’s digital key in a controlled demonstration using a fake Wi-Fi hotspot and capturing a user’s Tesla account credentials.
BMW F 450 GS To Get Semi-Automatic Gearbox As An Option
Arun Mohan Nadar 8 Jul, 2025, 4:26 AM IST
Alpine A290 Rallye For Customer Racing Revealed Ahead Of Goodwood Debut
Sutanu Guha 7 Jul, 2025, 2:31 PM IST
Bentley Enters India Officially As Part of Skoda Auto Volkswagen India Group
Satvik Khare 7 Jul, 2025, 2:27 PM IST
Auto Sales June 2025: Electric Two-Wheeler Sales Grows At Great Pace, But Future Remains Uncertain
Sutanu Guha 7 Jul, 2025, 1:28 PM IST
Chinese Automaker Onvo Shows Off Cars Performing “AI Self Test” Prior to L90 SUV Launch
Jamshed Avari 7 Jul, 2025, 12:57 PM IST
Looking for a new car?
We promise the best car deals and earliest delivery!