Cyber Security News

29 0-days Uncovered: Hackers Earned $1,132,500 at Pwn2Own Vancouver 2024

Pwn2Own Vancouver 2024 has come to an end, with researchers receiving a total of $1,132,500 for uncovering 29 distinct zero-day vulnerabilities.

Manfred Paul has been awarded the title of Master of Pwn. In all, he earned $202,500 and 25 points.

On the first day, a new Tesla Model 3 was given to the Synacktiv (@synacktiv) team.

Highlights Of Day 2

Marcin Wiązowski elevated privileges on Windows 11 using an improper input validation flaw. He received $15,000 along with three Master of Pwn points.

STAR Labs SG’s VMware Workstation exploit used two bugs. The first was an uninitialized variable, while the other was already known beforehand.

They still receive $30,000 and six Master of Pwn points.

To exploit Oracle VirtualBox, ColdEye used two vulnerabilities, one of which was a UAF.

Even the guest OS remained undamaged. He gains four Master of Pwn points and $20,000 for his guest-to-host escape.

Manfred Paul (@_manfp) accomplished his Mozilla Firefox sandbox escape by using an OOB Write for the RCE and an exposed dangerous function bug.

He earns another $100,000 and 10 Master of Pwn points, putting him in the lead with 25.

Gabriel Kirkpatrick (gabe_k of exploits.forsale), a first-time Pwn2Own competitor, escalated privileges on Windows 11 by exploiting an inherently difficult race condition.

Along with three Master of Pwn points, he receives $15,000.

Palo Alto Networks’ Edouard Bochin (@le_douds) and Tao Yan (@Ga1ois) leveraged an OOB Read in conjunction with a unique method to get beyond V8 hardening and obtain arbitrary code execution in the renderer.

They proceeded to use the same weaknesses to exploit Chrome and Edge, collecting $42,500 and nine Master of Pwn points.

KAIST Hacking Lab’s Seunghyun Lee (@0x10n) utilized a UAF to RCE in the renderer on both Microsoft Edge and Google Chrome.

He receives 9 Master of Pwn points and $85,000. His contest total now stands at $145,000 plus 15 Master of Pwn points.

Using an Improper Update of Reference Count flaw, Valentina Palmiotti (@chompie1337) of IBM X-Force was able to escalate privileges on Windows 11.

She won three Master of Pwn points and $15,000 after nailing her first Pwn2Own competition.

On the first day of Pwn2Own, the targets hacked included Oracle VM, Adobe Reader, Microsoft SharePoint, Tesla ECU, and Ubuntu.

Notably, by combining a heap-based buffer overflow, a UAF, and an uninitialized variable flaw, Gwangun Jung (@pr0ln) and Junoh Lee (@bbbig12) from Theori (@theori_io) were able to escape VMware Workstation and run code as SYSTEM on the host Windows OS.

They receive $130,000 and 13 Master of Pwn points for their outstanding achievement.

The Synacktiv (@synacktiv) team exploited the Tesla ECU with Vehicle (VEH) CAN BUS Control by using a single integer overflow.

The winners receive a new Tesla Model 3 (their second!), $200,000, and 20 Master of Pwn points.

Across the last three Pwn2Own events (Vancouver, Automotive, and Toronto), ZDI has given out $3,494,750 at Pwn2Own events this year.


Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.
