Pwn2Own Automotive Contest Sees Successful Hacks on Tesla EV Charger

During this year’s Pwn2Own Automotive hacking contest, which took place at the Automotive World tradeshow in Tokyo, researchers successfully hacked into Tesla’s wall connector electric vehicle (EV) charger. This competition is dedicated to exposing vulnerabilities in automotive technology, including vehicle operating systems, electric vehicles, chargers, and infotainment systems, ultimately aimed at enhancing security in these rapidly evolving sectors.

The Zero Day Initiative reported that a group known as PHP Hooligans accomplished this significant task by utilizing a “numeric range comparison without minimum check” zero-day vulnerability, which allowed them to take control of the EV charger and subsequently crash it. Their efforts were rewarded with $50,000 in prize money, along with five Master of Pwn points, marking another milestone in their hacking achievements.

Following closely behind, the team Synacktic managed to breach the Tesla charger through its charging connector, demonstrating the diverse methods attackers can employ to exploit vulnerabilities in connected devices.

In addition to the hack on the Tesla charger, the PHP Hooligans also successfully exploited an impressive 23 additional zero-day vulnerabilities across various EV chargers, including models from WOLFBOX, ChargePoint Home Flex, Autel MaxiCharger, Phoenix Contact CHARX, and EMPORIA. This underscores the pressing need for enhanced security measures within the EV charging infrastructure.

On the second day of the contest, Trend Micro’s Zero Day Initiative rewarded participants a total of $718,250 for their discovery of 39 unique zero-day vulnerabilities, making it a highly productive event for security researchers focused on automotive technology.

As the contest progresses, Sina Kheirkhah emerges as the current leader with a total of 24.5 points, trailed by Synacktiv in second place and PHP Hooligans in third. This contest not only highlights the innovative approaches to cybersecurity but also the ongoing challenges manufacturers face in securing their products against sophisticated attacks.

Source
www.darkreading.com

Tesla Gear Compromised Repeatedly During Pwn2Own Competitions

Pwn2Own Automotive Contest Sees Successful Hacks on Tesla EV Charger

Google Warns of Increasing Enterprise-Specific Zero-Day Exploits

Cybersecurity Leaders Condemn ‘Political Persecution’ of Chris Krebs in Letter to the President

Broadcom-Supported SAN Devices Vulnerable to Code Injection Attacks Due to Critical Fabric OS Flaw

Consistent Senators Blank Maple Leafs 4-0

EA Cuts Jobs and Cancels Titanfall Game

CNAPP-Kaufberatung

Breaking news

Consistent Senators Blank Maple Leafs 4-0

Pakistan Asserts ‘Credible Intelligence’ on India’s Imminent Military Strike Plans

CID: Parth Samthaan Exits Show Amidst Declining TRP Ratings; Will Shivaji Satam Return?

Trump Indicates Possibility of Calling for Kilmar Abrego Garcia’s Return to U.S.

NBA Playoffs: Giannis Addresses Confrontation with Tyrese Haliburton’s Father

Tucker Carlson and Megyn Kelly: Republicans Should Avoid Appearing on Gavin Newsom’s Podcast

Rats and Insects Emerge as New Challenge for War-Torn Gazans