Security Analysis of LTE Connectivity in Connected Cars: A Case Study of Tesla

Modern connected vehicles rely on persistent LTE connectivity to enable remote diagnostics, over-the-air (OTA) updates, and safety-relevant services. While mobile network vulnerabilities are well documented in the smartphone ecosystem, their impact in safety-relevant automotive settings remains insufficiently examined. We conduct a black-box case study of LTE security in Tesla's Model 3 and Cybertruck, revealing systemic protocol weaknesses and architectural misconfigurations in connected vehicles. We find that Tesla's telematics stack is susceptible to IMSI catching, rogue base station hijacking, and insecure fallback mechanisms that may silently degrade service availability. Furthermore, legacy control-plane configurations allow for silent SMS injection and broadcast message spoofing without driver awareness. While the vulnerabilities are grounded in Tesla, this case study suggests broader implications for connected-vehicle telematics and for regulatory frameworks such as ISO/SAE 21434 and UN R155/R156, which assume secure, traceable, and resilient telematics in modern vehicles.