Mar 24 2023

Hacking contest Pwn2Own: Ubuntu, Tesla, macOs and Windows 11 cracked

Category: Hacking,Information SecurityDISC @ 7:08 am

It is the third day of the PWN2OWN VANCOUVER 2023 hacking contest. So far, security researchers managed to crack the operating systems Ubuntu, macOS and Windows 11, and other products, including Tesla cars and Adobe Reader.

Security researchers who managed to hack their targets win price money and the hacked devices, even if it is a Tesla.

Six of the eight hacks on day one were successful, a seventh was also successful, but it used an exploit that was known previously. Only one attempt failed to hack the target in time.

Here is the day one overview:

  • AbdulAziz Hariri of Haboob SA used a 6-bug logic chain exploiting multiple failed patches against Adobe Reader to escape the application’s sandbox and bypass a banned API list.
  • STAR Labs hacked Microsoft SharePoint successfully, using a 2-bug chain attack.
  • Bien Pham from Qrious Security exploited Oracle VirtualBox successfully using an OOB Read and a stacked-based buffer overflow.
  • Synacktiv successfully hacked a Tesla Model 3. They executed a TOCTOU (Time-of-Check-to-Time-of-Use) attack against Tesla – Gateway.
  • Marcin Wi?zowski managed to elevate privileges on Microsoft’s Windows 11 operating system using an improper input validation bug.
  • Synacktiv was able to escalate privileges on Apple macOS using a TOCTOU bug.
  • STAR Labs used an already known exploit to successfully hack Ubuntu Desktop.
  • last_minute_pwnie fafiled to get an Ubuntu exploit working.

A total price money of $375,000 was awarded to the successful researchers and teams. The Tesla Model 3 changed owner as well.

On day two, security researchers managed to hack Oracle VirtualBox, Microsoft Teams, another Tesla, and Ubuntu Desktop.

Here is the day two overview:

  • Thomas Imbert  and Thomas Bouzerar  from Synacktiv used a 3-bug chain against Oracle VirtualBox with a Host EoP.
  • Team Viettel hacked Microsoft Teams successfully using a 2-bug chain.
  • David Berard and Vincent Dehors from Synacktiv managed to get an exploit working that gave them unconfined root access in a Tesla. They used heap overflow and an OOB write for that.
  • dungdm of Team Viettel exploited Oracle VirtualBox using an uninitialized variable and a UAF bug.
  • Tanguy Dubroca from Synacktiv managed to escalate privilege on Ubuntu Desktop using an incorrect pointer scaling.

The researchers received $475,000 in price money on the second day.

Attacks against Ubuntu Desktop, Microsoft Teams, Microsoft Windows 11, and VMWare Workstation are planned for the third and final day of the hacking competition.

Additional information about the successful hacks and exploits have not been released to the public.  Companies whose products have been exploited will create security patches to protect their devices and applications from potential attacks targeting the bugs.

Expect security updates for all hacked products in the coming days and weeks.

InfoSec Threats | InfoSec books | InfoSec tools | InfoSec services

Tags: pwn2own

Leave a Reply

You must be logged in to post a comment. Login now.