Security News Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,592
Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for three bug collisions and 24 unique zero-day exploits.

Synacktiv Team (@Synacktiv) took home $100,000 after successfully chaining three zero-day bugs to get root permissions on a Tesla Modem.

They also used two unique two-bug chains to hack a Ubiquiti Connect EV Station and a JuiceBox 40 Smart EV Charging Station, earning an additional $120,000.

A third exploit chain targeting the ChargePoint Home Flex EV charger was already known but still brought them $16,000 in cash, with a total of $295,000 in prizes during the first day of the contest.

Security researchers also successfully hacked multiple fully patched EV charging stations and infotainment systems, with the NCC Group EDG team taking the second place on the leaderboard after winning $70,000 for zero-days exploited to hack the Pioneer DMH-WT7600NEX infotainment system and the Phoenix Contact CHARX SEC-3100 EV charger.

After the zero-day bugs are exploited and reported during the Pwn2Own competition, vendors have 90 days to develop and release security fixes before TrendMicro's Zero Day Initiative publicly discloses them.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top