Zero Day Initiative — Blog

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

SolarWinds Access Rights Manager: One Vulnerability to LPE Them All

December 12, 2024
SolarWinds, Research, LPE

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Exploiting Exchange PowerShell After ProxyNotShell: Part 4 – No Argument Constructor

September 26, 2024
Microsoft, Exchange, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Exploiting Exchange PowerShell After ProxyNotShell: Part 3 – DLL Loading Chain for RCE

September 19, 2024
Exchange, Microsoft, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Exploiting Exchange PowerShell After ProxyNotShell: Part 2 - ApprovedApplicationCollection

September 12, 2024
Microsoft, Exchange, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Exploiting Exchange PowerShell After ProxyNotShell: Part 1 - MultiValuedProperty

September 05, 2024
Exchange, Research, Microsoft

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

CVE-2024-30043: Abusing URL Parsing Confusion to Exploit XXE on SharePoint Server and Cloud

May 30, 2024
SharePoint, Microsoft, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Unpatched Powerful SSRF in Exchange OWA – Getting Response Through Attachments

November 02, 2023
Microsoft, Exchange, 0-day

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Finding Deserialization Bugs in the SolarWinds Platform

September 21, 2023
SolarWinds, Deserialization, Research

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Pwn2Owning Two Hosts at the Same Time: Abusing Inductive Automation Ignition’s Custom Deserialization

February 08, 2023
Inductive Automation, Pwn2Own, Deserialization

Pwn2Own Automotive 2025 - Day Three and Final Results

Blog post

Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend

November 16, 2022
Exchange, Microsoft, 0-day