Hackers win Tesla Model 3 at security competition with $530,000 exploit

Despite these flaws, the researchers noted that Tesla is doing an excellent job of making the car difficult to hack by putting in place a sophisticated system of sandboxes, which isolates components and makes it more difficult to gain greater privileges by simply breaking into one of them.

TOCTOU attack

The Synacktiv team demonstrated two different exploits. At first, it took them less than two minutes to compromise the Model 3’s Gateway system, which serves as the energy management interface for communication between Tesla vehicles and Tesla Powerwalls.

They inserted the required malicious code using a Time of Check to Time of Use (TOCTOU) attack, a strategy that takes advantage of the brief interval between when a computer examines something like a security credential and when it really uses it.

They weren’t hacking a genuine Model 3 for safety concerns, but they would have been able to open the front hood and doors of the vehicle even while it was moving.