Zero-Day Bonanza: Hackers Bag $382K on Day 1 of Pwn2Own Automotive 2025!
Pwn2Own Automotive 2025 kicks off with a bang as researchers nab $382,750 for uncovering 16 zero-days. Fuzzware.io leads by hacking EV chargers, earning $50,000. It’s a high-stakes race of wits, tech, and a bit of luck as hackers target automotive systems in Tokyo. Who knew bugs could be so lucrative?
Hot Take:
Who knew that breaking into electric vehicle chargers could be more lucrative than actually selling them? With nearly $400,000 in cash awards given out in one day, these hackers are making more in 24 hours than some auto execs make in a month. Maybe it’s time for car manufacturers to start offering “Master of Pwn” points as part of their warranty packages!
Key Points:
- Fuzzware.io leads the Pwn2Own Automotive 2025 competition after exploiting vulnerabilities in Autel and Phoenix Contact chargers, bagging $50,000.
- Sina Kheirkhah of Summoning Team earns $91,750 by hacking Ubiquiti and Phoenix Contact chargers using a hard-coded cryptographic key bug.
- Synacktiv Team demonstrates a bug in the OCPP protocol, earning $57,500, while PHP Hooligans hack an Autel charger for a $50,000 reward.
- Viettel Cyber Security team earns $20,000 by exploiting an OS command injection zero-day on Kenwood’s IVI system.
- Pwn2Own 2025 focuses on automotive tech, with vendors having 90 days to fix reported vulnerabilities before public disclosure.
Already a member? Log in here