Summary: The Pwn2Own Automotive 2025 hacking contest concluded with researchers earning $886,250 by exploiting 49 zero-day vulnerabilities in various automotive software and products. The event highlighted security flaws in electric vehicle chargers, car operating systems, and in-vehicle infotainment systems. Summoning Team’s Sina Kheirkhah emerged as the winner, showcasing significant exploits against EV chargers and IVI systems.
Threat Actor: Summoning Team | Summoning Team
Victim: Automotive Software Vendors | automotive software vendors
Keypoints :
- Researchers targeted the latest automotive software, including Android Automotive OS and BlackBerry QNX.
- The competition saw a total of 49 zero-days exploited over three days, with cash awards distributed for each successful hack.
- Vendors have 90 days to patch the vulnerabilities before they are publicly disclosed by TrendMicro’s Zero Day Initiative.