"Security Researchers Win Second Tesla At Pwn2Own"

A team of security researchers won a Tesla Model 3 and $200,000 for discovering a zero-day vulnerability in a vehicle's Electronic Control Unit (ECU). After one day of Pwn2Own Vancouver 2024, held by Trend Micro's Zero Day Initiative (ZDI), the Synacktiv team topped the leaderboard. Not much is known about the vulnerability because all bugs discovered during the competition are responsibly reported to the appropriate vendor for patching. However, it is known that the team used a single integer overflow flaw to exploit a Tesla ECU with Vehicle (VEH) CAN BUS Control. This article continues to discuss the Synacktiv team's win and other highlights from the contest. 

Infosecurity Magazine reports "Security Researchers Win Second Tesla At Pwn2Own"

Submitted by grigby1

Submitted by grigby1 CPVI on