
Bypassing the Firmware Downgrade Ratchet in Tesla Wall Connectors

May 16, 2026

The security of embedded devices often relies on a "security ratchet"—a mechanism that prevents the installation of older, potentially vulnerable firmware versions. In a recent technical deep dive, researchers from Synacktiv demonstrated that the Tesla Wall Connector (AW-CU300) implemented this ratchet in a way that could be entirely bypassed, allowing an attacker with physical access to the charging port to downgrade the device to a vulnerable state.

This vulnerability highlights a critical architectural flaw: the disconnect between the firmware updater's validation logic and the bootloader's execution logic.

The Anti-Downgrade Mechanism

In firmware version 24.44.3, Tesla introduced a more rigorous check to prevent downgrades. The update process uses a Unified Diagnostic Services (UDS) session over Single-Wire CAN. The critical function, switch_to_new_firmware(), invokes check_image_and_antidowngrade(), which parses the firmware segments for version descriptors (VRSN) and ratchet values (VRS2).

If the firmware's ratchet value is lower than the current ratchet stored in the Persistent Storage Manager (PSM), the system logs a failure and erases the passive firmware slot:

Failure: Security ratchet downgrade prevented %d < %d

Under normal circumstances, this prevents an attacker from simply pushing an old, signed-but-vulnerable image to the device.

The Architectural Gap: Bootloader vs. Updater

The researchers discovered that while the updater enforces the ratchet, the bootloader (boot2) does not. The bootloader is responsible for verifying the integrity of the firmware before jumping to it. It checks for:

  1. A magic header (SBFH).
  2. Per-segment CRC32 checksums.
  3. An RSA signature against a stored key.

Crucially, the bootloader has no notion of the security ratchet. It will execute any image that is properly signed and has a correct CRC, regardless of its version number. The anti-downgrade protection is enforced exclusively during the UDS routine 0x201 (the switch-to-new-firmware call).

The Bypass Strategy

To bypass the ratchet, the researchers exploited the way the device handles its two firmware slots (active and passive). The bypass relies on the fact that the g_boot_flags (which determine which slot is passive) are set at boot time and remain static during the session.

The exploit follows a three-step sequence:

1. Validating the Slot

The attacker first pushes a valid, up-to-date firmware image to the passive slot and calls routine 0x201. Because the firmware is current, the validation passes, and the system updates the partition table to mark this slot as the active one for the next boot (by incrementing its gen_level).

2. Overwriting the Content

Without rebooting, the attacker calls the erase routine 0xFF00 once more. Because the session is still active and g_boot_flags have not changed, the same physical slot is still identified as passive. This routine erases the firmware that was just validated, but it does not touch the partition table, which still records this slot as the most recent, valid active slot.

3. Injecting the Vulnerable Firmware

The attacker then pushes an old, signed-but-vulnerable firmware image into the now-empty slot. They skip routine 0x201 entirely—avoiding the ratchet check—and immediately call routine 0x202 to reboot.

Upon reboot, the bootloader sees the partition table, identifies the slot with the highest gen_level, verifies the RSA signature (which is valid because the old firmware was officially signed by Tesla), and executes it.

Impact and Remediation

By downgrading the firmware to version 0.8.58, the researchers were able to re-enable a chain of exploits, including leaking Wi-Fi credentials via UDS and gaining a debug shell via a buffer overflow in the argument parser. Since Wall Connectors are typically connected to home or business networks, a compromised charger serves as a persistent foothold for lateral movement within a private network.

Tesla has since patched this vulnerability. To prevent similar issues, the researchers suggest several remediations:

  • Bootloader Enforcement: Move the ratchet check into the bootloader so that no outdated firmware can ever be executed.
  • Partition Invalidation: Ensure that erasing a slot via routine 0xFF00 also invalidates the corresponding entry in the partition table.
  • Session Constraints: Force a mandatory reboot after a successful update or reject new update sessions once a slot has been committed.
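The slot state machine behind the three-step sequence and the first two remediations, as an added model written for this post (not Synacktiv's or Tesla's code). It assumes two slots, a per-slot gen_level in the partition table, a fixed passive slot for the session, and a bootloader that falls back to the other slot when the preferred one fails verification; routine names follow the text.

```python
from dataclasses import dataclass, field

@dataclass
class Image:
    ratchet: int    # VRS2 value parsed from the image
    signed: bool    # RSA signature (and SBFH/CRC32) verify

@dataclass
class Device:
    psm_ratchet: int                       # ratchet currently held in the PSM
    enforce_in_bootloader: bool = False    # remediation: boot2 also checks the ratchet
    erase_invalidates_entry: bool = False  # remediation: 0xFF00 resets the slot's gen_level
    slots: list = field(default_factory=lambda: [None, None])
    gen_level: list = field(default_factory=lambda: [1, 0])
    passive: int = 1                       # g_boot_flags: fixed at boot, slot 0 is active

    def routine_ff00(self):                # erase the passive slot
        self.slots[self.passive] = None
        if self.erase_invalidates_entry:
            self.gen_level[self.passive] = 0

    def write_passive(self, img):          # UDS transfer of an image into the passive slot
        self.slots[self.passive] = img

    def routine_0201(self):                # switch_to_new_firmware -> check_image_and_antidowngrade
        img = self.slots[self.passive]
        if img is None or not img.signed or img.ratchet < self.psm_ratchet:
            self.slots[self.passive] = None    # "Security ratchet downgrade prevented": slot erased
            return False
        self.gen_level[self.passive] = max(self.gen_level) + 1   # active at next boot
        return True

    def routine_0202(self):                # reboot: boot2 picks the highest gen_level
        for i in sorted(range(2), key=lambda j: self.gen_level[j], reverse=True):
            img = self.slots[i]
            if img is None or not img.signed:
                continue                       # integrity failure: try the other slot (assumption)
            if self.enforce_in_bootloader and img.ratchet < self.psm_ratchet:
                continue                       # ratchet enforced at boot: refuse the old image
            return img.ratchet                 # ratchet of the firmware that actually runs
        return None

def run_sequence(**fixes):
    """Replays steps 1-3 and returns the ratchet of the firmware that boots."""
    dev = Device(psm_ratchet=5, **fixes)
    dev.slots[0] = Image(ratchet=5, signed=True)     # firmware currently running
    dev.routine_ff00()
    dev.write_passive(Image(ratchet=5, signed=True))
    assert dev.routine_0201()                        # step 1: current image validates
    dev.routine_ff00()                               # step 2: same slot erased, table untouched
    dev.write_passive(Image(ratchet=1, signed=True)) # step 3: old signed image, 0x201 skipped
    return dev.routine_0202()
```

With no fixes the old image (ratchet 1) boots; enabling either remediation flag makes the bootloader land back on the current firmware (ratchet 5).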

Community Perspectives

While the technical exploit is sophisticated, community discussions highlight the practical implications of such vulnerabilities. Some users expressed a desire for such capabilities to disable unwanted features, such as the mandatory Wi-Fi access point created by Gen 3 connectors. Others raised concerns about the broader implications of EV infrastructure security, noting that if thousands of chargers were compromised simultaneously, malicious actors could potentially manipulate power draw to destabilize the electrical grid.
