Particle.news

Researcher Maps 1,300 Exposed TeslaMate Dashboards Leaking Tesla Vehicle Data

The findings point to user misconfiguration on self-hosted servers that lack basic authentication.

A map of central Europe showing location markers of exposed TeslaMate servers, as well as differently colored clusters of more than one server.

Overview

  • Security researcher Seyfullah Kiliç of SwordSec scanned the internet and found more than 1,300 TeslaMate dashboards accessible without a password.
  • The exposed dashboards revealed detailed trip histories, GPS locations, charging patterns, speeds, and other stored telemetry.
  • Kiliç scraped last-seen locations and model names from open instances and plotted the vehicles on a map to show the scale of the exposure.
  • Some unsecured setups allowed full dashboard access, including the ability to change settings, according to the researcher.
  • The tally is far higher than the dozens found in 2022, and Kiliç urges owners to enable authentication or firewall/VPN protections as project maintainers cannot prevent user misconfiguration.