Pwn2Own Vancouver 2022 contestants demonstrated three zero-day exploits on the second day of the competition: a hack of Windows 11, a hack of the infotainment system of the Tesla Model 3, and exploits for two bugs in Ubuntu Desktop.
On the infotainment system of a Telsa Model 3 using collision on a known sandbox escape, David BERARD and Vincent DEHORS from @Synacktiv demonstrated two unique bugs (Double-Free & OOBW) on the first attempt of the day.
Although they did not win the car outright, they earned $75,000 and have 7.5 masters of pwn points, so they made enough to take the car home with them.
While namnp had another attempt at executing their exploit of Microsoft Windows 11 on day 2, however, they were unable to accomplish it within the allotted time frame.
It wasn’t hard for Bien Pham (@bienpnn) to lift privileges under Ubuntu Desktop via an exploit he obtained through a Use After Free bug, earning him $40,000 and 4 Master of Pwn points for his efforts.
In today’s second attempt, Jedar_LZ was unable to complete the task within the timeframe that he was allowed. The good news is that @thedzi acquired the information on the exploit from Tesla and is now sharing it with the company.
In his first demonstration on Microsoft Windows 11, T0 engineered an improper access contr ..
Support the originator by clicking the read the rest link below.
