This work presents a real-world penetration test of a production-ready electric vehicle, demonstrating full compromise within eight working days. Starting from minimal access via an insecure WiFi network, we achieved remote control over safety-critical systems and vehicle theft. Key issues included hardcoded credentials, insecure MQTT communication, and a weak UDS Security Access implementation. Our fi ndings highlight the feasibility of rapid, high-impact attacks and underscore the need for secure boot, proper credential management, and robust in-vehicle network protections.
Ziv et al. (Wed,) studied this question.