Security researchers have discovered an “unfixable” hardware exploit in Tesla cars that allows for unlocking paid-for feature upgrades for free, TechCrunch reports.

The “jailbreak” technique was contrived by a team of four — including three students at the Technische Universität Berlin — who will be presenting their findings at the Black Hat cybersecurity conference in Las Vegas next week.

Unlike many recent exploits of modern car tech, the method benefits the vehicle owner, as it allows them to avoid paying monthly fees to access certain features of their car.

Carmakers have increasingly turned to subscription models or one-time add-ons that force people to pay extra for certain features.

For Tesla, that includes features like “Premium Connectivity”, “Acceleration Boost”, Full-Self Driving (FSD), and even rear heated seats.

“We are not the evil outsider, but we’re actually the insider, we own the car,” said one of the students, Christian Werling. “And we don’t want to pay $300 for the rear heated seats.”

To activate features that would typically require payment, the researchers used a combination of voltage glitching on the AMD chip that runs Tesla’s infotainment system and their attack program.

“If we do it at the right moment, we can trick the CPU into doing something else,” Werling said. “It has a hiccup, skips an instruction and accepts our manipulated code.”

In addition to enabling subscription features for free, the researchers were able to use the jailbreak to extract the car’s encryption key, which is used to authenticate it on Tesla’s network.

That could allow for a range of other attacks that still need to be explored.

The exploit allowed them to pull personal information from the Tesla, including call logs, calendar appointments, details of contacts, visited locations, and worryingly, Wi-Fi passwords and session tokens from email accounts.

However, getting this information would require someone to have physical access to the car.

The researchers believe the only way Tesla could fix the jailbreak is to replace the hardware.

Several hacking teams recently won thousands of dollars and several Tesla cars in the 2023 Pwn2Own competition after successfully gaining elevated privileges to the Model 3’s software using various exploits.