@iamhtoo as per https://data.hackinn.com/ppt/BlackHat-USA-2018/us-18-Liu-Over-The-Air-How-We-Remotely-Compromised-The-Gateway-Bcm-And-Autopilot-Ecus-Of-Tesla-Cars-wp.pdf (page 8) The command port supports many commands, such as install, auth, system, gostaged and m3-factory-deploy. Some commands can be executed directly without restrictions., some commands are privileged commands and cannot execute until elevating the privilege by executing the "auth" command. The others only can be executed on the specific system, CID or APE. In version 17.17.4, the unprivileged commands "install" and "m3-factory-deploy" is executable from CID without restrictions Not sure what they do, didn't test which ones authorized or not. They reported findings to Tesla and they may have patched stuff. So not all commands mentioned may be unprivileged.