Security News > 2024 > January > Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024

Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024
2024-01-24 13:36

Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for three bug collisions and 24 unique zero-day exploits.

Synacktiv Team took home $100,000 after successfully chaining three zero-day bugs to get root permissions on a Tesla Modem.

After the zero-day bugs are exploited and reported during the Pwn2Own competition, vendors have 90 days to develop and release security fixes before TrendMicro's Zero Day Initiative publicly discloses them.

The Pwn2Own Automotive 2024 hacking contest focuses on automotive technologies and takes place this week in Tokyo, Japan, during the Automotive World auto conference between January 24 and January 26.

They'll also demo zero-day exploits targeting Tesla Model 3/Y or Tesla Model S/X systems, including the infotainment system, modem, tuner, wireless, and autopilot.

During the Pwn2Own Vancouver 2023 competition in March, security researchers earned $1,035,000 and a Tesla Model 3 car after demoing 27 zero-day.


News URL

https://www.bleepingcomputer.com/news/security/tesla-hacked-24-zero-days-demoed-at-pwn2own-automotive-2024/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Tesla 6 3 5 1 0 9