Pwn2Own 2019: Notable Hacks Demonstrated and Prize Winners

By Riley ThompsonTechnology News

Highlights from Pwn2Own 2019: Impressive Hacks and Prize Payouts

The results of the second day of the Pwn2Own 2019 competition, held annually as part of the CanSecWest conference in Vancouver, have been announced. During the event, researchers demonstrated working exploitation techniques for previously unknown vulnerabilities in Firefox, Edge, Safari, VMware Workstation, and VirtualBox. The total amount awarded reached $510,000, with the overall prize pool exceeding $2 million.

Successful Hacks Demonstrated

  • $35,000 – VirtualBox hack: Integer overflow combined with a race condition, allowing code execution on the host system from the guest environment.
  • $35,000 – VirtualBox hack: Integer overflow enabling access to the base system environment from the guest system.
  • $40,000 – Firefox hack: JIT bug plus a logic flaw used to escape sandbox isolation.
  • $50,000 – Firefox hack: JIT bug and out-of-bounds write in the Windows kernel, enabling code execution with kernel privileges.
  • $45,000 – Partial Safari hack: JIT bug and out-of-bounds read, followed by an attempt to gain root privileges via a kernel vulnerability.
  • $50,000 – Microsoft Edge hack: Double-free vulnerability during rendering and sandbox escape.
  • $55,000 – Safari hack with sandbox bypass.
  • $70,000 – VMware Workstation hack: Race condition and buffer overflow in the VMware client, allowing code execution on the host system.
  • $130,000 – Microsoft Edge hack with subsequent escape from the VMware guest environment, enabling code execution at the host system level.

Changes in Eligible Targets

This year, kernel hacks for Linux and most open-source projects (nginx, OpenSSL, Apache httpd) were excluded from the prize categories. Additionally, the Ubuntu distribution was removed from the list of hacking environments (in previous years, attempts in this category were limited to a 2017 demonstration of a Linux kernel 0-day vulnerability).

Upcoming Tesla Model 3 Hacks

Demonstrations of hacks targeting the Tesla Model 3’s information systems were scheduled for the following day, including attacks on the VCSEC component and the built-in Chromium-based browser. The total prize pool for Tesla-related hacks exceeded $900,000.

Update: Tesla Model 3 Infotainment System Hack

A successful hack of the Tesla Model 3 infotainment system was demonstrated via a vulnerability in the JIT compiler of the rendering system, which uses the Chromium engine. The researchers received $35,000 for this attack. The attempt to hack the VCSEC component in the Tesla Model 3 was withdrawn.

Leave a Reply