HomeWinBuzzer NewsPwn2Own 2023 Day 1: Successful Hacks on Windows 11, Tesla Model 3,...

Pwn2Own 2023 Day 1: Successful Hacks on Windows 11, Tesla Model 3, and MacOS

As day one closed on Pwn2Own 2023, Microsoft, Apple, Tesla, and other software vendors knew about fresh vulnerabilities in their products.

-

Pwn2Own 2023 Vancouver is curretly underway and day one of the security research/hacking content had plenty of interesting results. During the day, macOS, Tesla Model 3, and Windows 11 zero-day vulnerabilities and exploits were shown.

Adobe Reader was the first to be found out. Haboob SA’s Abdul Aziz Hariri leveraged an exploit chain that abuses failed patches to escape the sandbox and bypass a list of banned API on macOS. His breach won him $50,000 in funds.

Microsoft’s SharePoint was also successfully targeted as the STAR Labs team was able to showcase a zero-day exploit chain. The team took a $100,000 reward for the exploit. STAR Labs researchers took an additional $15,000 for finding and hacking a previously unknown vulnerability in Ubuntu.

A Tesla Model 3 and $100,000 was on the table for Synacktiv after the researcher executed a time-of-check to time-of-use (TOCTOU) attack on a Tesla Model 3. The team also managed to conduct a TOCTOU attack on a zero-day vulnerability on Apple macOS, landing $40,000 for the effort.

Marcin Wiązowski elevated privileges on Windows 11 through an input validation zero-day to claim a $30,000 prize.  

Pwn2Own

Pwn2Own is one of the biggest hacking contests in the world. It tasks hackers with highlighting vulnerabilities in some of the most famous platforms in tech.

When a zero-day vulnerability is found and showcased at the Pwn2Own event, software vendors are given 90 days to build and issue a security fix for all the flaws. If the vendors fail to do this, the Trend Micro Zero Day Initiative will publicly disclose the vulnerabilities.

Tip of the day: Though many VPN providers have their own apps, you can in many cases connect to a VPN in Windows without any third-party software. This is ideal if you have a self-hosted VPN or if you’re using a PC with restricted permissions. In our tutorial, we’re showing you how to connect to a VPN in Windows.

Luke Jones
Luke Jones
Luke has been writing about Microsoft and the wider tech industry for over 10 years. With a degree in creative and professional writing, Luke looks for the interesting spin when covering AI, Windows, Xbox, and more.

Recent News

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x
Mastodon