An easy phishing attack using a Flipper Zero device can lead to compromising Tesla accounts, unlocking cars, and starting them. The attack works on the latest Tesla app, version 4.30.6, and Tesla software version 11.1 2024.2.7.

Security researchers Talal Haj Bakry and Tommy Mysk reported their finding to Tesla saying that linking a car to a new phone lacks proper authentication security. The car maker determined the report to be out of scope.