> Many Tesla charging stations — of which there are over 50,000 in the world — offer a WiFi network

No. There are about 6,150 stations. There are about 57,000 stalls.

tl;dr: It's a captive portal that goes to a phishing site that asks for Tesla account credentials. It's not exploiting any vulnerabilities.

The vulnerability:

"Mysk said the unsuspecting Tesla owner isn't even notified when a new phone key is set up. And, though the Tesla Model 3 owner's manual says that the physical card is required to set up a new phone key, Mysk found that that wasn't the case, according to the video."

They should at least notify you if someone logs in from a new device.

If it can be exploited it's a vulnerability. It remains a vulnerability even when Tesla says it's not.

The only thing being exploited is the owner's brain.