Tesla Gear Gets Hacked Multiple Times in Pwn2Own Contests

Source: VDWI Automotive via Alamy Stock Photo

NEWS BRIEF

Researchers at the this year’s Pwn2Own Automotive hacking contest successfully hacked Tesla’s wall connector electric vehicle (EV) charger.

The annual contest focuses on hacking automotive technologies during the Automotive World tradeshow in Tokyo. The contest allows researchers to target car operating systems, electric vehicles, chargers, and infotainment systems in vehicles to uncover hidden vulnerabilities and potential threats.

Zero Day Initiative said the PHP Hooligans used a “numeric range comparison without minimum check” zero-day bug to take over the EV charger and crash it. This feat earned them $50,000 in prize money and five Master of Pwn points.

Right behind them was Synacktic, which hacked the Tesla EV charger through the charging connector.

The PHP Hooligans also exploited 23 other zero-day vulnerabilities in WOLFBOX, ChargePoint Home Flex, Autel MaxiCharger, Phoenix Contact CHARX, and EMPORIA EV chargers.

On day two of the contest, Trend Micro’s Zero Day Initiative paid out $718,250 in rewards to onsite security researchers who discovered 39 unique zero-days.

Sina Kheirkhah is currently leading the Pwn2Own contest with 24.5 points, followed by Synacktiv in second place, and PHP Hooligans in third.

About the Author

Skilled writer and editor covering cybersecurity for Dark Reading.