Zero Day Initiative awarded a total of $732,000 to researchers who found 19 unique cybersecurity vulnerabilities during the first day of Pwn2Own.

Dark Reading Staff, Dark Reading

March 21, 2024

1 Min Read
Tesla 3 on a street plugged into a charger
Source: William Barton via Alamy Stock Photo

Cybersecurity researchers are winning hundreds of thousands of dollars in cash and prizes in the Pwn2Own competition, discovering previously unknown vulnerabilities in widely used products like Adobe Reader, Windows 11, SharePoint, and more.

During the first day of the two-day threat-hunting competition, the biggest prize, including $200,000 in cash and a brand new car, was awarded to a team called "Synacktiv" that successfully used a single integer overflow against the Tesla ECU with Vehicle CAN BUS Control, according to the competition's sponsor, the Zero Day Initiative. This is the second time the team has won for a Tesla hack, and the second Tesla 3 the group has collected, ZDI added in its announcement of the winners.

After the Tesla hack group, the second-place holder in the Pwn2Own bug bounty competition's first day was Manfred Paul, who collected $102,500 in bug bounties, including $60,000 for finding Apple Safari flaws that include an integer underflow bug as well as a PAC bypass, ZDI said. Paul won an additional $42,000 for exploiting both Chrome and Edge browsers, the organization added.

The top winners moved onto a second day of Pwn2Own to compete for the top title, "Master of Pwn."

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights