Security News > 2020 > March > Oracle VirtualBox, Adobe Reader, Windows Hacked at Pwn2Own 2020

Oracle VirtualBox, Adobe Reader, Windows Hacked at Pwn2Own 2020
2020-03-20 05:12

On the second day of the Pwn2Own 2020 hacking competition, participants earned a total of $90,000 for exploits targeting Oracle VirtualBox, Adobe Reader and Windows.

Amat Cama and Richard Zhu of team Fluoroacetate earned $50,000 for demonstrating that they could hijack a system by exploiting use-after-free vulnerabilities in Adobe Reader and the Windows kernel.

At the end of the day, Lucas Leong of the Zero Day Initiative - ZDI organizes Pwn2Own - had a special demonstration: a guest-to-host escape on VirtualBox.

On the first day of the event, researchers earned a total of $180,000 for hacking Windows 10, Ubuntu Desktop, Safari and macOS, which brings the total paid out this year to $270,000.

Since the automotive category requires in-person participation, any Tesla hacking attempts have been postponed "Until it's practical and safe to gather in a group setting," ZDI told SecurityWeek.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/jCp63TQ03bM/oracle-virtualbox-adobe-reader-windows-hacked-pwn2own-2020

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Oracle 973 1146 6140 1140 730 9156
Adobe 166 68 2164 962 2112 5306