The research was conducted by Martin Herfurt, an Austria-based member of the Trifinite research group, which focuses on Bluetooth security.
Herfurt’s analysis targeted a change made by Tesla in August 2021 to key card access, removing the requirement for users to place the key card on the central console after using it to open the vehicle.
The researcher found that when a Tesla is unlocked using the key card via NFC, there is a 130-second window when an attacker who is within Bluetooth range of the targeted vehicle can add their own key, which they can later use to unlock and drive the car.