Welcome to the second and final day of Pwn2Own Vancouver 2024! We saw some amazing research yesterday, including a Tesla exploit and a single exploit hitting both Chrome and Edge. So far, we have paid out $723,500 for the event, and we’re poised to hit $1,000,000 again. Today looks to be just as exciting with more attempts in virtualization, browser sandbox escapes, and the Pwn2Own’s first ever Docker escape, so stay tuned for all of the results!
SUCCESS – Marcin WiÄ…zowski used an improper input validation bug to escalate privileges on Windows 11. He earns $15,000 and 3 Master of Pwn points.
SUCCESS – STAR Labs SG’s exploit of VMware Workstation used two bugs. One is an uninitialized variable, but the other was previously known. They still win $30,000 and 6 Master of Pwn points.
SUCCESS – ColdEye used two bugs, including a UAF, to exploit Oracle VirtualBox. He even managed to leave the guest OS intact. His guest-to-host escape earns him $20,000 and 4 Master of Pwn points.
SUCCESS – Manfred Paul (@_manfp) used an OOB Write for the RCE and an exposed dangerous function bug to achieve his sandbox escape of Mozilla Firefox. He earns another $100,000 and 10 Master of Pwn points, which puts him in the lead with 25.
SUCCESS – First time Pwn2Own contestant Gabriel Kirkpatrick (gabe_k of exploits.forsale) used an always tricky race condition to escalate privileges on #Windows 11. He earns $15,000 and 3 Master of Pwn points.
SUCCESS – Edouard Bochin (@le_douds) and Tao Yan (@Ga1ois) from Palo Alto Networks used an OOB Read plus a novel technique for defeating V8 hardening to get arbitrary code execution in the renderer. The were aboe to exploit Chrome and Edge with the same bugs, earning $42,500 and 9 Master of Pwn points.
BUG COLLISION – STAR Labs SG successfully demonstrated their privilege escalation on Ubuntu desktop. However, they used a bug that was previously reported. They still earn $5,000 and 1 Master of Pwn point.
BUG COLLISION – Although the Hackinside Team was able to escalate privileges on Windows 11 through an integer underflow, the bug was known by the vendor. They still earn $7,500 and 1.5 Master of Pwn points.
SUCCESS -Seunghyun Lee (@0x10n) of KAIST Hacking Lab used a UAF to RCE in the renderer on both #Micosoft Edge and #Google Chrome. He earns $85,000 and 9 Master of Pwn points. That brings his contest total to $145,000 and 15 Master of Pwn points.
SUCCESS – The first Docker desktop escape at Pwn2Own involved two bugs, including a UAF. The team from STAR Labs SG did great work in the demonstration and earned $60,000 and 6 Master of Pwn points.
SUCCESS – Valentina Palmiotti (@chompie1337) with IBM X-Force used an Improper Update of Reference Count bug to escalate privileges on Windows 11. She nailed her first #Pwn2Own event and walks away with $15,000 and 3 Master of Pwn points.
Written by admin
NEWS
-
How AI Is Personalizing Customer Service Experiences Across Industries
September 7, 2024Customer service departments across industries are facing increased call volumes, high customer service agent turnover, talent shortages and shifting customer expectations. Customers expect both self-help options and real-time, person-to-person support. These expectations for seamless, personalized experiences extend across digital communication... -
ZDI-24-1195: Malwarebytes Antimalware Link Following Local Privilege Escalation Vulnerability
September 6, 2024This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Antimalware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a... -
ZDI-24-1193: Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
September 6, 2024This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI...