Participants in the Pwn2Own Automotive 2025 earned $886,250

The Pwn2Own Automotive 2025 hacking contest has ended, and participants earned $886,250 after demonstrating 49 zero-day flaws.

The Pwn2Own Automotive 2025 hacking contest has ended, and participants earned $886,250 after demonstrating 49 zero-day flaws. Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) obtained 30.5 Master of Pwn points and won the Master of Pwn earning $222.250.

On the third day bug hunters earned $168,000 for exploiting 10 zero-day vulnerabilities.

The Synacktiv (@Synacktiv) team exploited a buffer overflow to hack the Autel MaxiCharger. They also demonstrate signals being transmitted via the Charging Connector for the add on. The team earned $35,000 and 6 Master of Pwn points.

Bongeun Koo (@kiddo_pwn) of STEALIEN exploited the Ubiquiti charger using three bugs, two of which were known, earning $26,750 and 4.5 Master of Pwn points.

Sina Kheirkhah exploited a single flaw to exploit the ChargePoint EV charger. The researcher earned $25,000 and 5 Master of Pwn points.

Now vendors have 90 days to address the vulnerabilities demonstrated by participants before Zero Day Initiative publicly discloses the issues.

The results of the Day 3 of Pwn2Own Automotive 2025 can be found here.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Pwn2Own)