Pwn2Own Toronto 2023 hacking competition concluded with the total demonstrated vulnerabilities of 58.
The participants have successfully exploited routers, printers, smart speakers, NAS products, surveillance systems, and mobile phones, earning more than $1 million in rewards during the course of 4 days.
During the first day of the competition, 18 exploits were demonstrated, and more than $400,000 was earned. During the second day, 15 exploits demonstrated. Durin third day 8 exploits, and 3 exploits were demonstrated on the last day.
The highest reward, of $100,000, was awarded on the second day of the contest to Chris Anastasio, for bugs in the P-Link Omada Gigabit router and one in the Lexmark CX331adwe printer.
Team Viettel demonstrated multiple exploits, earning a total of $180,000 in rewards. Team Orca of Sea Security was also able to successfully demonstrate multiple exploits, earning roughly $116,000, while Pentest Limited earned $90,000 in rewards.
Interrupt Labs, Star Labs SG, a Devcore intern, ANHTUD, Claroty, team ECQ, Sina Kheirkhah, Binary Factory, Synacktiv, Rafal Goryl, Sonar, ToChim, Nguyen Quoc Viet, and others also demonstrated successful exploits, though not all of them targeted new vulnerabilities.
All the vulnerabilities have been reported to the vendors, who have 90-days to address them before details are made public.
The total paid out at Pwn2Own Toronto 2023 was higher than last year, when 26 contestants signed up for 66 exploits and earned close to $1 million throughout the four-day event
Source : SecurityWeek