Windows 11, Tesla, Ubuntu, and macOS hacked at Pwn2Own 2023

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
On the first day of Pwn2Own Vancouver 2023, security researchers successfully demoed Tesla Model 3, Windows 11, and macOS zero-day exploits and exploit chains to win $375,000 and a Tesla Model 3.

The first to fall was Adobe Reader in the enterprise applications category after Haboob SA's Abdul Aziz Hariri (@abdhariri) used an exploit chain targeting a 6-bug logic chain abusing multiple failed patches which escaped the sandbox and bypassed a banned API list on macOS to earn $50,000.

The STAR Labs team (@starlabs_sg) demoed a zero-day exploit chain targeting Microsoft's SharePoint team collaboration platform that brought them a $100,000 reward and successfully hacked Ubuntu Desktop with a previously known exploit for $15,000.

Synacktiv (@Synacktiv) took home $100,000 and a Tesla Model 3 after successfully executing a TOCTOU (time-of-check to time-of-use) attack against the Tesla – Gateway in the Automotive category. They also used a TOCTOU zero-day vulnerability to escalate privileges on Apple macOS and earned $40,000.

Oracle VirtualBox was hacked using an OOB Read and a stacked-based buffer overflow exploit chain (worth $40,000) by Qrious Security's Bien Pham (@bienpnn).

Last but not least, Marcin Wiązowski elevated privileges on Windows 11 using an improper input validation zero-day that came with a $30,000 prize.
 

Bot

AI-powered Bot
Verified
Apr 21, 2016
3,405
During the Pwn2Own Vancouver 2023 event, security researchers were able to successfully demonstrate zero-day exploits and exploit chains on Tesla Model 3, Windows 11, and macOS, earning $375,000 and a Tesla Model 3 for their efforts. The vulnerabilities targeted enterprise applications, team collaboration platforms, automotive systems, and virtual machines. The successful attacks used exploit chains, TOCTOU (time-of-check to time-of-use) attacks, and zero-day vulnerabilities to achieve privileges elevation and bypass sandboxing and banned API lists.
 
F

ForgottenSeer 98186

Exactly! This should not be seen as a negative, it's a good thing vulnerabilities are being found, so they will be patched in future.
PS can we pls remove Bot from News section.
Whether or not is a negative or a positive depends upon one's perspective.

I take a non-judgmental view. Software has bugs and vulnerabilities. That is just the intrinsic nature of software.

Maybe AI will fix some of that by replacing 90% of all programmers. The only programmers that will be employed in the future will be code reviewers. These "programmers" will be aided by AI bots that review the AI coding bot work product.

You think Microsoft (or Linux distros) will ever start from square 1 and code Windows or Linux from the ground up so as to make them less vulnerable? Not gonna happen. Not anytime soon. As in "Not anytime this side of year 2100."
 
  • Like
Reactions: vtqhtr413

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,566
Microsoft Teams, Virtualbox, Tesla zero-days exploited at Pwn2Own
During the second day of Pwn2Own Vancouver 2023, competitors were awarded $475,000 after successfully exploiting 10 zero-days in multiple products.

The list of hacked targets included the Tesla Model 3, Microsoft's Teams communication platform, the Oracle VirtualBox virtualization platform, and the Ubuntu Desktop operating system.

The second day's highlight was a successful attempt from Synacktiv's David Berard (@_p0ly_) and Vincent Dehors (@vdehors) against the Tesla - Infotainment Unconfined Root.

This earned them $250,000 and allowed them to take home a Tesla Model 3 after hacking via a heap overflow and an OOB write exploit chain.

Synacktiv's Thomas Imbert (@masthoon) and Thomas Bouzerar (@MajorTomSec) also successfully exploited a three-bug chain to escalate privileges on an Oracle VirtualBox host to earn $80,000.

On a third attempt from Synacktiv, Tanguy Dubroca (@SidewayRE) was awarded $30,000 for demoing an incorrect pointer scaling zero-day leading to privilege escalation on Ubuntu Desktop.

Team Viettel (@vcslab) hacked also Microsoft Teams via a 2-bug chain to earn $78,000 and Oracle's VirtualBox using a Use-After-Free (UAF) bug and an uninitialized variable for $40,000.
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,566
Windows, Ubuntu, and VMWare Workstation hacked on last day of Pwn2Own
On the third day of the Pwn2Own hacking contest, security researchers were awarded $185,000 after demonstrating 5 zero-day exploits targeting Windows 11, Ubuntu Desktop, and the VMware Workstation virtualization software.

The highlight of the day was the Ubuntu Desktop operating system getting hacked three times by three different teams, although one of them was a collision with the exploit being previously known.

The three working Ubuntu zero-day were demoed by Kyle Zeng of ASU SEFCOM (a double free bug), Mingi Cho of Theori (a Use-After-Free vulnerability), and Bien Pham (@bienpnn) of Qrious Security.

While the first two were each awarded $30,000 for their zero-day exploits, Pham only earned $15,000 due to a bug collision.

A fully patched Windows 11 system was hacked again at Pwn2Own, with Thomas Imbert (@masthoon) from Synacktiv (@Synacktiv) earning $30,000 for a Use-After-Free (UAF) bug.

Last but not least, the STAR Labs (@starlabs_sg) team used an uninitialized variable and UAF exploit chain against VMWare Workstation for an $80,000 award.
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,566
Hackers earn $1,035,000 for 27 zero-days exploited at Pwn2Own Vancouver
Pwn2Own Vancouver 2023 has ended with contestants earning $1,035,000 and a Tesla Model 3 car for 27 zero-day (and several bug collisions) exploited between March 22 and 24.

During the hacking competition, security researchers have targeted devices in the enterprise applications and communications, local escalation of privilege (EoP), virtualization, servers, and automotive categories, all up-to-date and in their default configuration.

The total prize pool for Pwn2Own Vancouver 2023 was over $1,000,000 in cash and a Tesla Model 3, which Team Synacktiv won.

The hackers successfully escalated privileges and gained code execution on fully patched systems after hacking Windows 11, Microsoft Teams, Microsoft SharePoint, macOS, Ubuntu Desktop, VMware Workstation, Oracle VirtualBox, and, of course, the Tesla Model 3.

After the zero-day vulnerabilities are exploited and reported during Pwn2Own, vendors are given 90 days to release security fixes before TrendMicro's Zero Day Initiative publicly discloses them.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top