Pierluigi Paganini January 26, 2024

Researchers hacked the Tesla infotainment system and found 24 zero-days on day 2 of Pwn2Own Automotive 2024 hacking competition.

White hat hackers from the Synacktiv Team (@Synacktiv) compromised the Tesla infotainment system on the second day of the Pwn2Own Automotive 2024 hacking competition. The bug hunters chained two vulnerabilities to hack the Tesla infotainment system, they earned $100,000 and 10 Master of Pwn Points.

The Synacktiv Team also hacked the Automotive Grade Linux operating system by chaining three vulnerabilities. The team earned $35,000 for this hack.

The NCC Group EDG team successfully hacked Alpine Halo9 iLX-F509 by chaining two vulnerabilities. The team played the popular video game DOOM on the device.

During the second day, participants earned a total of $382,500 for demonstrating 24 zero-days.

The bug hunters earned $1,101,500 since the start of the competition, demonstrating a total of 48 zero-days.

Additional details about the hacking attempts and their results for the Pwn2Own Day Two are available here:

https://www.zerodayinitiative.com/blog/2024/1/24/pwn2own-automotive-2024-day-two-results

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Pwn2Own)