Building an electric vehicle simulator to research EVSEs 文章描述了一个用于模拟电动汽车充电状态的设备设计和组装过程，旨在帮助研究人员在Pwn2Own Automotive 2025活动中测试充电设备的安全性。该设备基于J1772标准，通过电阻和PWM信号模拟车辆连接和充电请求，并强调了高电压操作中的安全注意事项。... 2025-3-19 18:40:54 | 阅读: 33 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com ev evse simulator j1772 charging

The March 2025 Security Update Review 2025年3月补丁星期二更新中，微软修复了56个CVE漏洞（含6个关键漏洞），Adobe修复了37个CVE漏洞（含多个高危代码执行漏洞）。微软本次更新中有6个漏洞被报告为活跃攻击目标。... 2025-3-11 17:39:36 | 阅读: 4 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com exploited attacker microsoft substance windows

CVE-2024-43639: Remote Code Execution in Microsoft Windows KDC Proxy 微软Windows KDC代理存在整数溢出漏洞（CVE-2024-43639），因缺少Kerberos响应长度检查导致远程代码执行风险。已修补。... 2025-3-4 17:2:27 | 阅读: 22 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com proxy asn1 octets encoder

Announce Pwn2Own Berlin and Introducing an AI Category Pwn2Own 2025将于2025年5月15日至17日在柏林的OffensiveCon会议上举行，新增AI类别并涵盖Web浏览器、云原生/容器、虚拟化等多领域目标，总奖金超百万美元。... 2025-2-24 16:45:33 | 阅读: 19 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com pwn2own tesla contest payouts windows

The February 2025 Security Update Review 这篇文章总结了2025年2月微软和Adobe的安全更新。Adobe修复了45个CVE，涉及多个产品；微软修复了67个CVE，包括三个关键漏洞和两个已被公开利用的漏洞。文章还强调了一些高风险漏洞，并提醒用户及时部署补丁以应对潜在威胁。... 2025-2-11 19:8:38 | 阅读: 43 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft exploited attacker windows cves

Looking Back at the Trend ZDI Activities from 2024 文章总结了Trend ZDI在2024年的成果：Pwn2Own竞赛发现148个零日漏洞；发布1741个安全公告；内部贡献占40%。未来将继续举办竞赛并加强安全研究。... 2025-2-7 17:11:4 | 阅读: 24 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com pwn2own awarded security zdi contest

Pwn2Own Automotive 2025 - Day Three and Final Results Welcome to the third and final day of Pwn2Own Automoti... 2025-1-24 03:17:16 | 阅读: 18 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com charger earns ev pwn2own 750

Pwn2Own Automotive 2025 - Day Two Results Welcome to the second day of Pwn2Own Automotive 2025.... 2025-1-23 03:41:34 | 阅读: 23 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com pwn2own ev tesla earn wolfbox

Pwn2Own Automotive 2025 - Day One Results January 21, 2025 | Dustin Childs... 2025-1-22 03:23:23 | 阅读: 33 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com automotive pwn2own ivi charger pioneer

Pwn2Own Automotive 2025: The Full Schedule こんにちは and welcome to the second annual Pwn2Own Automotive competition. We are at Automotive World... 2025-1-21 08:49:24 | 阅读: 37 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com vehicle ivi 20000 chargers

Looking at the Attack Surfaces of the Pioneer DMH-WT7600NEX IVI For the upcoming Pwn2Own Automotive contest, a total of four in-vehicle infotainment (IVI) head u... 2025-1-20 16:0:0 | 阅读: 22 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com software partitions emmc carplay bootloader

Reviewing the Attack Surface of the Autel MaxiCharger: Part Two Previously, we covered the internals of the Autel Max... 2025-1-16 16:0:0 | 阅读: 8 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com autel charger firmware charge maxicharger

Reviewing the Attack Surface of the Autel MaxiCharger: Part One For the upcoming Pwn2Own Automotive contest a total of 7 electric vehicle chargers have been sele... 2025-1-15 14:45:0 | 阅读: 26 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com 4g maxicharger pins uart mcu

The January 2025 Security Update Review Welcome to the first Patch Tuesday of the new year. Even while preparing for Pwn2Own Automotive,... 2025-1-14 18:29:48 | 阅读: 61 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft remote windows security cves

Looking at the Attack Surfaces of the Sony XAV-AX8500 Part 2 In our previous Sony XAV-AX8500 blog post, we detailed the internals of the head unit and provide... 2025-1-10 16:13:26 | 阅读: 26 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com ax8500 xav carplay automotive sony

Looking at the Attack Surfaces of the Sony XAV-AX8500 For the upcoming Pwn2Own Automotive contest a total o... 2025-1-9 16:30:2 | 阅读: 33 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com xav ax8500 automotive underside emmc

ZDI Threat Hunting 2024: Highlights, Trends, & Challenges Reflecting on 2024, it has been an eventful year for the Zero Day Initiative Threat Hunting team.... 2025-1-8 17:7:59 | 阅读: 31 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com security microsoft software zdi

Detailing the Attack Surfaces of the Tesla Wall Connector EV Charger The Tesla Wall Connector is a Level 2 electric vehicl... 2024-12-17 16:49:57 | 阅读: 31 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com connector tesla firmware stm32 mcu

SolarWinds Access Rights Manager: One Vulnerability to LPE Them All Some time ago, I spent some time researching a core S... 2024-12-13 00:50:56 | 阅读: 25 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com deletion machine attacker privileges

The December 2024 Security Update Review We have made it to the end of the year and the final Patch Tuesday of 2024. As expected, Microsof... 2024-12-11 02:33:56 | 阅读: 26 | 收藏 | Zero Day Initiative - Blog - www.thezdi.com microsoft attacker cves remote substance