The Pwn2Own Automotive 2026 competition concluded in Tokyo, Japan, with security researchers earning a total of $1,047,000 for discovering 76 zero-day vulnerabilities. Over three days, hackers targeted a wide range of automotive technologies, including electric vehicle (EV) chargers, in-vehicle infotainment (IVI) systems, and specialized operating systems like Automotive Grade Linux. Vendors now have 90 days to address these flaws before public disclosure.
Team Fuzzware.io emerged as the winner, securing $215,000 in prizes after successfully hacking multiple charging stations and navigation receivers. Other notable winners included Team DDOS and Synactiv, the latter of which successfully demonstrated a USB-based attack against the Tesla Infotainment System using an exploit chain involving an out-of-bounds write flaw and an information leak.
Top comments (0)