Research — Zero Day Initiative — Blog

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Abusing Arbitrary File Deletes to Escalate Privilege and Other Great Tricks (Archive)

September 03, 2024
Windows, LPE, Research, Exploit

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Activation Context Cache Poisoning: Exploiting CSRSS for Privilege Escalation

January 23, 2023
Microsoft, Research, CSRSS

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Abusing Arbitrary File Deletes to Escalate Privilege and Other Great Tricks

March 17, 2022
Windows, LPE, Research, Exploit

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2021-26892: An Authorization Bypass on the Microsoft Windows EFI System Partition

June 30, 2021
Windows, UEFI, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2021-27076: A Replay-Style Deserialization Attack Against SharePoint

March 17, 2021
SharePoint, Microsoft, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

ZDI-CAN-12671: Windows Kernel DoS/Privilege Escalation via a NULL Pointer Deref

January 28, 2021
Microsoft, Research, 0-day

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Introducing CWE-1265: A New Way to Understand Vulnerable Reentrant Control Flows

August 27, 2020
CWE, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Windows Print Spooler Patch Bypass Re-Enables Persistent Backdoor

August 11, 2020
Windows, Security Patch, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

How a Deceptive Assert Caused a Critical Windows Kernel Vulnerability

May 07, 2020
Windows, Microsoft, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Privilege Escalation Via the Core Shell COM Registrar Object

December 20, 2019
Top 5, Windows, Research