May 29, 2023

At the latest Pwn2Own competition hosted by Trend Micro, participants discovered zero-day vulnerabilities in a range of products.

The three-day competition, totally paid out $934,750 to contestants. 26 contestants and teams attempted to exploit 66 target products.

This year represented the tenth anniversary of the consumer-focused edition of the competition and featured a new category focusing on Small Office Home Office (SOHO) equipment. To protect against the growing threat to systems used by home workers, which may represent an attractive route via which malicious actors can compromise corporate networks.

Advertisements

The team from DEVCORE claimed their second title with winnings of $142,500 and 18.5 points. Team Viettel and the NCC group were close behind with 16.5 and 15.5 points respectively.

Among the vendors whose products were hacked by contestants were HP, Mikrotik, Sonos, TP-Link, Ubiquiti, Western Digital, Lexmark, and Netgear. Devices targeted included printers, routers, smart speakers, NAS devices, and smartphones, such as the Samsung Galaxy S22.

The OEM of the products that are hacked, will now have 120 days to patch the 63 zero-days found in their offerings before they are publicly disclosed by the ZDI.

Tags:

Leave a Reply

You may have missed

CrowdStrike strategy dominates MDR Market

CrowdStrike strategy dominates MDR Market

May 28, 2023
TheCyberThrone Security Week In Review–May 27, 2023

TheCyberThrone Security Week In Review–May 27, 2023

May 28, 2023
Zyxel Patches Critical Buffer Overflow Vulnerability

Zyxel Patches Critical Buffer Overflow Vulnerability

May 27, 2023
Apria Data Breach affects 2 million customers

Apria Data Breach affects 2 million customers

May 27, 2023
CosmicEnergy Malware Shutting Electric grid

CosmicEnergy Malware Shutting Electric grid

May 27, 2023
Operation Magalenha from Brazil

Operation Magalenha from Brazil

May 27, 2023
%d bloggers like this: