A 19-year-old security researcher from Germany claims to have remote access to more than 25 Tesla cars in 13 countries.
David Colombo, who has previously claimed to have found vulnerabilities in the US Department of Defence, said in a Twitter thread that a software flaw gave him remote command of the cars without the owners’ knowledge.
While not giving full remote control access to drive the car, Mr Colombo says he could disable security systems, open doors and windows, start the engine, flashlights, play music and "remotely rick roll the affected owners by playing Rick Astley on Youtube in their Teslas".
He said the vulnerability was the "fault" of the owner and not in Tesla’s infrastructure, adding that he could see if a driver is in the car and could identify its exact location.
"It’s primarily the owners (& a third party) fault," Mr Colombo told Bloomberg News.
Tesla did not respond to The Independent’s request for comment, but Mr Colombo said the company’s security team confirmed to him they are investigating the vulnerability.
"I think it‘s pretty dangerous, if someone is able to remotely blast music on full volume or open the windows/doors while you are on the highway," Mr Colombo said in a tweet.
"Even flashing the lights non-stop can potentially have some (dangerous) impact on other drivers."
The claims went viral online with more than 6,000 likes, but the details of the vulnerabilities have not been made public.
Mr Colombo did not respond to questions about his claims by the time of publication.
Register for free to continue reading
Registration is a free and easy way to support our truly independent journalism
By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists
Already have an account? sign in
Join our new commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies