Pwn2Own Contests See Several Hacks of Tesla Gear

This year's Pwn2Own Automotive hacking competition saw researchers successfully breach Tesla's electric vehicle (EV) charger with a wall plug. During Tokyo's Automotive World exhibition, the yearly competition centers on hacking automotive systems. Researchers can use the competition to target automotive operating systems, electric vehicles, chargers, and infotainment systems to find possible risks and hidden vulnerabilities.

The PHP Hooligans allegedly took control of the EV charger and crashed it using a "numeric range comparison without minimum check" zero-day vulnerability, according to Zero Day Initiative. Their achievement won them five Master of Pwn points and $50,000 in prize money. Synacktic, which hacked the Tesla EV charger via the charging port, was right behind them.

23 other zero-day vulnerabilities in WOLFBOX, ChargePoint Home Flex, Autel MaxiCharger, Phoenix Contact CHARX, and EMPORIA EV chargers were also exploited by the PHP Hooligans. On the second day of the competition, onsite security researchers who found 39 distinct zero-days received $718,250 in incentives from Trend Micro's Zero Day Initiative. With 24.5 points, Sina Kheirkhah is presently leading the Pwn2Own competition. Synacktiv is in second place, while PHP Hooligans is in third.