The researcher found that when a Tesla is unlocked using the key card via NFC, there is a 130-second window when an attacker within Bluetooth range of the targeted vehicle can add their own key, which they can later use to unlock and drive the car.