¡Bienvenidos a Miami!
Welcome to Pwn2Own Miami for 2023! We’ve got another exciting event with 16 entries target 11 different targets. As always, we began our contest with a random drawing to determine the order of attempts. If you missed it, you can watch the replay here.
The complete schedule for the contest is below (all times Eastern [GMT -5:00]).
Note: All times subject to change
Tuesday, February 14 – 0930
Claroty Research – Team82 targeting the Inductive Automation Ignition – DoS in the OPC UA Server category for $5,000 and 5 Master of Pwn points
Tuesday, February 14 – 1030
Team ECQ targeting the Softing edgeConnector Siemens – DoS in the OPC UA Server category for $5,000 and 5 Master of Pwn points
Tuesday, February 14 – 1130
Claroty Research – Team82 targeting the Triangle Microworks SCADA Data Gateway in the Data Gateway category for $20,000 and 20 Master of Pwn points
Tuesday, February 14 – 1230
20urdjk targeting the Inductive Automation Ignition – RCE in the OPC UA Client category for $20,000 and 20 Master of Pwn points
Tuesday, February 14 – 1330
Claroty Research – Team82 targeting the PTC KepServerEx – DoS in the OPC UA Server category for $5,000 and 5 Master of Pwn points
Tuesday, February 14 – 1530
Claroty Research – Team82 targeting the OPC Foundation OPC UA .NET Standard – DoS in the OPC UA Server category for $5,000 and 5 Master of Pwn points
Wednesday, February 15, 0930
Claroty Research – Team82 targeting the Softing edgeConnector Siemens – DoS in the OPC UA Server category for $5,000 and 5 Master of Pwn points
Wednesday, February 15, 1030
Team ECQ targeting the Triangle Microworks SCADA Data Gateway in the Data Gateway category for $20,000 and 20 Master of Pwn points
Wednesday, February 15, 1130
Claroty Research – Team82 targeting the Inductive Automation Ignition – RCE in the OPC UA Client category for $20,000 and 20 Master of Pwn points
Wednesday, February 15, 1230
STAR Labs targeting the Unified Automation UaGateway – DoS in the OPC UA Server category for $5,000 and 5 Master of Pwn points
Wednesday, February 15, 1330
Claroty Research – Team82 targeting the Unified Automation UaGateway – DoS in the OPC UA Server category for $5,000 and 5 Master of Pwn points
Wednesday, February 15, 1530
Claroty Research – Team82 targeting the Softing edgeConnector Siemens – DoS in the OPC UA Server category for $5,000 and 5 Master of Pwn points
Thursday, February 16 – 0930
Claroty Research – Team82 targeting the Prosys OPC UA Simulation Server – DoS in the OPC UA Server category for $5,000 and 5 Master of Pwn points
Thursday, February 16 – 1030
Axel “0vercl0k” Souchet targeting the Unified Automation UaGateway – DoS in the OPC UA Server category for $5,000 and 5 Master of Pwn points
Thursday, February 16 – 1130
Claroty Research – Team82 targeting the Softing edgeConnector Siemens – DoS in the OPC UA Server category for $5,000 and 5 Master of Pwn points
Thursday, February 16 – 1230
shuffle2 targeting the PTC KepServerEx – RCE in the OPC UA Server category for $20,000 and 20 Master of Pwn points
We’ll be publishing results live on the blog as the contest unfolds. We’ll also be posting brief video highlights to Twitter, YouTube, Mastodon, LinkedIn, and Instagram, so follow us on your favorite flavor of social media for the latest news from the event.
Written by admin
NEWS
-
How AI Is Personalizing Customer Service Experiences Across Industries
September 7, 2024Customer service departments across industries are facing increased call volumes, high customer service agent turnover, talent shortages and shifting customer expectations. Customers expect both self-help options and real-time, person-to-person support. These expectations for seamless, personalized experiences extend across digital communication... -
ZDI-24-1195: Malwarebytes Antimalware Link Following Local Privilege Escalation Vulnerability
September 6, 2024This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Antimalware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a... -
ZDI-24-1193: Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
September 6, 2024This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI...