Rapid7 researchers have described in detail several vulnerabilities in the Tesla Backup Gateway and how they can be exploited.
On Tuesday, Rapid7 described the security risks of connecting the Tesla Backup Gateway to the Internet, in particular the ways in which exposed connections can be used to compromise users' privacy and security.
The Tesla Backup Gateway is an energy management platform for solar installations and battery/Powerwall systems. The system can be connected directly to the network, monitors outages, and lets users monitor and control their power supply through a connected mobile app. Connections can be made over Wi-Fi, Ethernet cable, or cellular.
To access the gateway, users connect to the device's Wi-Fi network, enter its serial number, which acts as the password, and reach the Tesla Backup Gateway from a web browser. Each portal uses a self-signed SSL certificate.
The first time a user logs in, an email address and a password are used; the password is the last five digits of the gateway's serial number, which, as noted above, serves as the gateway password.
According to Rapid7, and to earlier research by Vince Loschiavo, the danger of this practice is that the weak credentials can be exploited.
The access point's SSID exposes the last three characters of the serial number, leaving only two characters for an attacker to guess.
Rapid7 also notes that many owners post their Tesla Solar and Powerwall home installation permits online, pointing attackers toward potential targets.
Rapid7 contacted Tesla before publishing its research, and the company said that upcoming security updates would include fixes for the reported issues.