Pwn2Own Toronto 2023 - Day Three Results
October 26, 2023 | Dustin ChildsWelcome to Day 3 of Pwn2Own Toronto 2023! We’ll be updating this blog in real time as results become available. We have a full schedule of attempts today, so stay tuned! All times are Eastern (GMT -4:00).
FAILURE - The DEVCORE Intern was unable to get their exploit of the Canon imageCLASS MF753Cdw working within the time allotted.
BUG COLLISION - Interrupt Labs was able to execute an RCE attack against the Synology BC500. However, the exploit they used was previously known. They still earn $3,750 and 0.75 Master of Pwn points.
FAILURE - Team Orca of Sea Security was unable to get their exploit of the Xiamoi 13 Pro working within the time allotted.
WITHDRAWAL - ToChim withdrew their attempt to target the Xiaomi 13 Pro.
BUG COLLISION - Claroty was able to execute a 4-bug chain against the TP-Link Omada Gigabit Router and Synology BC500 for the SOHO Smashup. However, one of the bugs they used was previously known. They still earn $40,750 and 8.25 Master of Pwn points.
SUCCESS - STEALIEN executed a stack-based buffer overflow attack against the Wyze Cam v3 resulting in a root shell. They earn $15,000 and 3 Master of Pwn Points.
SUCCESS - Rafal Goryl used a 2-bug chain to exploit the Wyze Cam v3 and gain a root shell. He earns $15,000 and 3 Master of Pwn Points.
BUG COLLISION - Team Orca of Sea Security was able to execute their attack against the Samsung Galaxy S23. However, the bug they used was previously known. They still earn $6,250 and 1.25 Master of Pwn points.
SUCCESS - Team Viettel was able to execute a stack-based buffer overflow attack leading to RCE against the Lexmark CX331adwe. They earn $10,000 and 2 Master of Pwn points.
FAILURE - Interrupt Labs was unable to get their exploit of the Xiaomi 13 Pro working within the time allotted.
SUCCESS - Synacktiv was able to execute a heap-based buffer overflow in the kernel triggered via WiFi and leading to RCE against the Wyze Cam v3. They earn $15,000 and 3 Master of Pwn points.
WITHDRAWAL - ANHTUD withdrew their attempt to target the Xiaomi 13 Pro.
BUG COLLISION - Sina Kheirkhah was able to exploit a stack-based buffer overflow and a missing authentication for critical function against the TP-Link Omada Gigabit Router and the Lexmark CX331adwe for the SOHO Smashup. However, one of the bugs he used was previously known. He still earns $31,250 and 6.25 Master of Pwn points.