That’s a wrap for Pwn2Own Vancouver! Contestants disclosed 27 unique zero-days and won a combined $1,035,000 (and a car)! Congratulations to the Masters of Pwn, Synacktiv (@Synacktiv), for their huge success and hard work! They earned 53 points, $530,000, and a Tesla Model 3.
Follow us here and on Twitter, YouTube, Mastodon, LinkedIn, and Instagram to keep up with the latest news – and stay tuned for Pwn2Own Toronto in October!
Welcome to Day 3 of Pwn2Own Vancouver 2023. We’ll be updating this blog in real time as results become available. For this year’s event, each round will receive the full payout for unique entries.
SUCCESS – Kyle Zeng from ASU SEFCOM used a double free bug to exploit Ubuntu Desktop. He earns $30,000 and 3 Master of Pwn points.
FAILURE – STAR Labs was unable to get their exploit of Microsoft Teams working within the time allotted.
SUCCESS – Thomas Imbert (@masthoon) from Synacktiv (@Synacktiv) used a UAF against Microsoft Windows 11. They earn $30,000 and 3 Master of Pwn points.
SUCCESS – Mingi Cho of Theori used a UAF against Ubuntu Desktop. They earn $30,000 and 3 Master of Pwn points.
SUCCESS – STAR Labs (@starlabs_sg) used an uninitialized variable and UAF against VMWare Workstation. They earn $80,000 and 8 Master of Pwn points.
COLLISION – Bien Pham (@bienpnn) of Qrious Security successfully targeted Ubuntu Desktop, but the exploit was previously known. They still earn $15,000 and 1.5 Master of Pwn points.
Written by admin
NEWS
-
Up to No Good: ‘No Rest for the Wicked’ Early Access Launches on GeForce NOW
April 19, 2024It’s time to get a little wicked. Members can now stream No Rest for the Wicked from the cloud. It leads six new games joining the GeForce NOW library of more than 1,500 games. Holy Moly There’s always another fight... -
Wide Open: NVIDIA Accelerates Inference on Meta Llama 3Â Â Â
April 19, 2024NVIDIA today announced optimizations across all its platforms to accelerate Meta Llama 3, the latest generation of the large language model (LLM). The open model combined with NVIDIA accelerated computing equips developers, researchers and businesses to innovate responsibly across a... -
CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability
April 18, 2024In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Jason McFadyen of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in Microsoft Windows. This bug was originally discovered by...