49 Unique Zero-days Uncovered in Pwn2Own Automotive

by Esmeralda McKenzie
49 Unique Zero-days Uncovered in Pwn2Own Automotive

49 Unique Zero-days Uncovered in Pwn2Own Automotive

49 unfamiliar zero-days Pwn2Own

On the final day of Pwn2Own Automobile 2024 – Day 3, researchers were granted $1,323,750 in rewards for figuring out 49 particular zero-days.

The critical-ever Pwn2Own Automobile match has concluded! Synacktiv wins the Master of Pwn Trophy, earning 50 Master of Pwn Ingredients and a $450,000 prize. In particular, the infotainment machine and modem of Tesla were attacked by the Synacktiv group, and every vulnerability earned $100,000.

Pwn2Own Day 3

Computest Sector 7 exploited the ChargePoint Residence Flex by the enlighten of a 2-bug chain. They salvage six Master of Pwn Ingredients and $30,000.

The Sony XAV-AX5500 used to be compromised by Synacktiv. Alongside side four Master of Pwn Ingredients, they salvage $20,000.

Sina Kheirkhah exploited the Ubiquiti Connect EV by the enlighten of a 2-bug chain. Six Master of Pwn Ingredients and $30,000 are his earnings.

Connor Ford of Nettitude exploited the JuiceBox 40 Natty EV Charging Space by the enlighten of a stack-essentially based mostly buffer overflow. Six Master of Pwn Ingredients and $30,000 are his earnings.

The EMPORIA EV Charger Level 2 used to be exploited by fuzzware.io by a buffer overflow. Six Master of Pwn Ingredients and $60,000 are their earnings.

Highlights of the Day 1 of Pwn2Own Automobile’s learn contributors got awards totaling over $700,000. Sina Kheirkhah earned $60,000 by efficiently launching his assault on ChargePoint Residence Flex.

A 2-bug chain used to be implemented by Synacktiv in opposition to the JuiceBox 40 Natty EV Charging Space and $60,000 is their earnings. The enlighten of a UAF exploit, the PCAutomotive Staff used to be ready to efficiently procedure the Alpine Halo9 iLX-F509 and function $40,000.

Highlights from Day 2 of Pwn2Own Automobile: Over $1 million in rewards were supplied to researchers. The enlighten of a 3-bug chain, the PHP Hooligans and Center of the evening Blue group exploited the Phoenix Contact CHARX SEC-3100 and earned $30,000.

Synacktiv exploited Automobile Grade Linux by the enlighten of a 3-bug chain and earned $35,000. fuzzware.io exploited the ChargePoint Residence Flex with a two-bug chain and got $30,000 rewards.

ZDI is currently getting prepared to host Pwn2Own Vancouver 2024, which is scheduled for March 20 to 22 in Vancouver, Canada. Over $1 million will be awarded in prizes for that match.

That it’s doubtless you’ll presumably look the detailed itinerary of the extremely aggressive contest by following this link. Furthermore, an intensive abstract of the Pwn2Own Automobile 2024 Day 3 results is on hand here for your reference.

Linked Be taught

  • Researchers Awarded Over $1 Million in Pwn2Own Hacking Opponents
  • Researchers Uncovered 24 Zero-days in Pwn2Own Automobile: Day 1

Source credit : cybersecuritynews.com

Related Posts