Pwn2Own Automotive 2025 - Day Two Results
January 22, 2025 | Dustin ChildsWelcome to the second day of Pwn2Own Automotive 2025. Yesterday, we awarded more than $380,000 for 16 unique 0-days - and we had several bug collisions as well. Today looks to be even better, with the WOLFBOX and Tesla EV chargers making their Pwn2Own debut. Here’s how the Master of Pwn standings look at the beginning of Day Two:
We’ll see how they look at the end of the day. Here are the Day Two results, which we will be updating throughout the competition.
SUCCESS - Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) combined a couple of bugs to exploit the WOLFBOX charger and introduce it to the world of Pwn2Own. His efforts earn him $50,000 and 5 Master of Pwn points.
SUCCESS - The Tesla Wall Connector has been christened by the PHP Hooligans. They used a Numeric Range Comparison Without Minimum Check bug (CWE-839) to take over the machine and crash it. They earn $50,000 and 5 Master of Pwn points.
SUCCESS/COLLISION - The team of @vudq16, @tacbliw, and @_q5ca from Viettel Cyber Security (@vcslab) used a command injection combined with a known bug to exploit the ChargePoint HomeFlex. They earn $18,750 and 3.75 Master of Pwn points.
SUCCESS - We were definitely thrilled to see Cong Thanh (@ExLuck99) and Nam Dung (@greengrass19000) of ANHTUD use a command injection bug to exploit the Alpine iLX-507 and leave us a special message. Their round 2 win earns them $10,000 and 2 Master of Pwn points.
COLLISION - The ZIEN, Inc. (@zien_security) of HANRYEOL PARK (@hanR0724), HYOJIN LEE (@meixploit), HYEOKJONG YUN (@dig06161), HYEONJUN LEE (@gul9ul), DOWON KWAK (@D0uneo), YOUNGMIN CHO (@ZIEN0621) successfully exploited the Kenwood DMX958XR, but they used a known bug. They still win $5,000 and 5 Master of Pwn points.
SUCCESS - The folks from HT3 Labs (@ht3labs) used a missing authentication bug combined with an OS command injection to exploit the Phoenix Contact CHARX. Their 2nd round win nets them $25,000 and 5 Master of Pwn points.
COLLISION - Although the team of Radu Motspan (@moradek), Polina Smirnova (@moe_hw) and Mikhail Evdokimov (@konatabrk) from PCAutomotive successfully exploited the Tesla Wall Connector, the bug they used was previously known. The still earn $22,500 and 3.5 Master of Pwn points.
FAILURE - Unfortunately, the team o Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of fuzzware.io could not get their exploit of the ChargePoint HomeFlex working within the time allotted.
SUCCESS/COLLISION - Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) combined six different bugs, improper access control and stack-based buffer overflows, to exploit the Autel MaxiCharger. However, one of the bugs he used was previously known. He still earns $23,000 and 4.75 Master of Pwn points.
COLLISION - Although the Pony 74 team successfully exploited the Kenwood DMX958XR, the bug they used was previously known. They still earn $5,000 and 1 Master of Pwn point.
SUCCESS - The GMO Cybersecurity by Ierae, Inc. team combined an improper certificate validation bug to a path traversal to exploit the Alpine iLX-507. Their second round win earns them $10,000 and 2 Master of Pwn points.
SUCCESS/COLLISION - Rafal Goryl of PixiePoint Security used a 2 bug chain to exploit the WOLFBOX Level 2 EV Charger, but one of the bugs was previously known. He earns himself $18,750 and 3.75 Master of Pwn points.