The recent Pwn2Own Automotive 2026 competition has identified a total of 76 unique zero-day vulnerabilities affecting a range of automotive software systems, including those in Tesla infotainment and EV chargers. This year’s event, held in Tokyo, featured a record 73 entries, with competitors receiving over $1 million in rewards for their successful exploits.
Competition Overview
Pwn2Own competitions invite ethical hackers to demonstrate their ability to exploit specific targets within a limited timeframe. Successful attempts earn cash prizes and points, which are awarded based on the uniqueness, impact, and complexity of the exploits. The event concluded with significant findings that highlight vulnerabilities in critical automotive technologies.
Notable Exploits
The largest payout of the competition was awarded to a team from Fuzzware.io, who exploited an out-of-bounds write vulnerability in the Alpitronic HYC50 EV charger. This exploit earned them $60,000 and six points on the first day of the event. Overall, Fuzzware secured the title of Master of Pwn with a total of 28 points and winnings amounting to $215,500 from seven successful demonstrations.
Another team demonstrated a Time-of-Check to Time-of-Use vulnerability in the same charger, which they used to install a playable version of Doom on the device’s screen, earning an additional $20,000. Furthermore, the Tesla infotainment system was compromised by the Synacktiv team, who successfully chained an information leak with an out-of-bounds write vulnerability.
Implications for Affected Vendors
The numerous vulnerabilities identified during the competition raise concerns about the security of automotive software systems. The event underscores the necessity for affected vendors to act swiftly in addressing these vulnerabilities to protect users and maintain system integrity.
Conclusion
As the automotive industry increasingly relies on software for functionality and safety, the findings from Pwn2Own Automotive 2026 serve as a critical reminder of the ongoing security challenges faced by these systems. The competition not only highlights the skills of ethical hackers but also the urgent need for robust security measures in automotive technologies.
This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.
