Pwn2Own Automotive: Tesla, Sony, Alpine Players Breached on Day One

Bug Bounty Bonanza: Hackers Rake in Big Bucks as Connected Cars Show Security Cracks.

Pwn2Own Automotive 2024 takes place in Tokyo, Japan, from January 24 to 26.

The Pwn2Own Automotive 2024 hacking contest, taking place in Tokyo, Japan from January 24 to January 26, focuses on loopholes in automotive technologies. Tesla is the contest’s sponsor with VicOne and Trend Micro’s Zero Day Initiative as co-hosts.

During the context, they will demonstrate zero-day exploits targeting Model 3/Y or Model S/X systems, including the infotainment, modem, tuner, wireless, and autopilot systems. The top prize for zero-day exploits will be $200,000 and a Tesla car.

On its first day, many vulnerabilities were highlighted, including weaknesses in Tesla’s modem, Sony’s infotainment systems, and Alpine’s car audio players, raising concerns about the security of connected vehicles.

Security researchers hacked multiple fully patched EV charging stations and infotainment systems. The NCC Group EDG team won $70,000 for hacking the Pioneer DMH-WT7600NEX infotainment system and the Phoenix Contact CHARX SEC-3100 EV charger exploiting zero days.  

Sina Kheirkhah successfully attacked ChargePoint Home Flex, earning $60,000 and six Master of Pwn Points. Tobias Scharnowski and Felix Buchmann attacked Sony XAV-AX5500 for $40,000 and four Master of Pwn Points. Gary Li Wang exploited the Sony XAV-AX5500 using a stack-based buffer overflow.

Security researchers successfully hacked a Tesla Modem and earned $722,500 in total in awards for identifying three bug collisions and 24 unique zero-day exploits. Synacktiv Team completed a 3-bug chain against Tesla Modem and JuiceBox 40 Smart EV Charging Station, earning $100,000 and $60,000 along with 10 and 6 Master of Pwn Points, respectively.

This means, the team chained three zero-day bugs to gain root permissions on a Tesla Modem. The Synacktiv Team also successfully attacked the Ubiquiti Connect EV Station, earning six Master of Pwn Points and $60,000.

A third exploit chain targeted the ChargePoint Home Flex EV charger, which earned security researchers $16,000 in cash and $295,000 in prizes.

The PCAutomotive Team successfully targeted the Alpine Halo9 iLX-F509 using a UAF exploit, earning $40,000 and 4 Master of Pwn Points. They discovered a vulnerability in Alpine’s car audio player, allowing arbitrary code execution. This could potentially give attackers control over the audio system, allowing them to play loud noises or inject malicious code into other connected systems.

RET2 Systems also achieved 6 Master of Pwn Points and $60,000 for exploiting a 2-bug chain against the Phoenix Contact CHARX SEC-3100. The PHP Hooligans / Midnight Blue team successfully targeted a Sony XAV-AX5500, earning $20,000.

For additional insights on Pwn2Own Automotive’s day 1 results, check out Zero Day Initiative’s blog.

The Pwn2Own exploits highlight the growing vulnerability of cars to cyberattacks due to the increasing integration of technology in vehicles. While researchers disclose their findings to help manufacturers fix vulnerabilities, car owners must remain vigilant.

  1. 6 of the Best Crypto Bug Bounty Programs
  2. Bug bounty: Hack Tesla Model 3 to win your own Model 3
  3. Pwn2Own 2023: Tesla Model 3, Windows 11, Ubuntu Pwned
Related Posts