Announcing Pwn2Own Automotive for 2025

If you just want to read the rules, you can find them here.

Earlier this year we held our inaugural Pwn2Own Automotive contest, and it was a rousing success. On our biggest-ever stage (literally), we awarded $1,323,750 over the three-day event as researchers from around the globe demonstrated 49 unique zero days. Today, we’re excited to announce that we will be returning to Tokyo and the Automotive World conference for Pwn2Own Automotive 2025. The event will be held on January 22-24, 2025, and we have some exciting challenges planned for our second year.

As always, we’re pleased to be working with our cohorts over at VicOne again. Their help was instrumental in the success we had at our first event, and we’re glad to be partnering with them once more. Tesla also returns as a sponsor. They have worked with us extensively for our Pwn2Own events, and we rely on their guidance and understanding of the complexities of electric vehicles (EV). They also brought their wall charger to this year’s event, so that should be exciting. Altogether, we have more than $1,000,000 USD in cash and prizes available, and we can’t wait to see what researchers bring to demonstrate in Tokyo.

As with other Pwn2Own events, we’ll have a random drawing to determine the schedule of attempts the day before the contest, and we will proceed from there. As always, if you have questions, don't hesitate to get in touch with us at pwn2own@trendmicro.com. We will be happy to address your issues or concerns directly.

Now on to the four categories we’ll have for the first Pwn2Own Automotive contest:

Since its introduction to Pwn2Own in 2019, the Tesla category has always been a highlight, with some of the most innovative research being demonstrated on the EV. At the inaugural Pwn2Own Automotive, the team from Synacktiv exploited it twice on their way to winning Master of Pwn. Contestants can register an entry against the Tesla Model 3/Y (Ryzen-based) equivalent bench top unit, and it wouldn’t surprise me if someone needs to run their exploits in an RF enclosure to prevent interference with vehicles that might be driving by.  Also note that while a Tesla is available as a prize, not every successful attempt will win the vehicle itself. Some of the targets have add-ons available, but to drive away in your new ride, you need to target one of the entries marked “Vehicle Included” in the table below. Also note that the targets have changed a bit this year to keep things interesting.

Previous exploits in this category have provided highlights of past events, and we’re hopeful we’ll see something similar this year. If you are going to participate in this category, please notify us at least two weeks before the event so we can source the hardware in time for the contest. And please read the rules thoroughly if you’re going after one of the bigger prizes. With over $500,000 on the line, you should make sure all your bases are covered.

Other highlights from the inaugural contest were found in the IVI category, which saw the NCC Group put a playable version of Doom on an Alpine system. More than just stereos, the modern IVI is the gateway to your car’s internal systems. Navigation, in-car internet, and Wi-Fi are provided through these devices, but they also serve a connection to other vehicle systems through the CAN bus – making them a ripe target for attackers. These devices are also retrofitted to existing vehicles to modern capabilities – and perhaps modern vulnerabilities as well. This year, we’re bringing four IVI devices to the contest:

At the first Pwn2Own Automotive, this proved to be the most popular category with every charger targeted at least once. Sina Kheirkhah even turned on the manufactured-disabled camera for a Rick Roll. We’ve expanded the target list for this year with the inclusion of the Tesla Wall Connector along with models from WOLFBOX and EMPORIA. Attack surfaces in scope for the contest include mobile apps, Bluetooth Low Energy (BLE) connections, and the OCPP protocol could all allow threat actor to cause harm to an EV. There’s no official bonus for style points, be we always love exploits that make us laugh. An attempt in this category must be launched against the target's exposed services or against the target’s communication protocols/physical interfaces that are accessible to a typical user.

We’re also amping up the challenge this year by adding a couple of extras in this category (…and yes, pun intended). The first extra challenge is a Charging Connector Protocol/Signal Manipulation attack. The entry must gain code execution on the EV Charger and the resulting payload must manipulate the protocol and/or signals being transmitted via the Charging Connector. If you can accomplish this, you’ll earn an extra $10,000 and 1 more Master of Pwn point. Really want a challenge? Then go for the Charging Connector Attack. For this one, the entry must originate from the Charging Connector and compromise the EV Charger. If you accomplish this one, it earns you an additional $20,000 and 2 more Master of Pwn points.

It’s odd to think of operating systems within a car, but they are there – and they’re there in abundance. If you drive a recent Mercedes, Subaru, Mazda, or Toyota, there’s a good chance you’re also driving something with Automotive Grade Linux (AGL) installed. How do these onboard OSes compare to their desktop counterparts? The first contest saw AGL successfully targeted. It will be intriguing to see if the other OSes are targeted this year. An attempt in this category must be launched against the target's exposed services/features or launched against the target’s communication protocols that are accessible to a typical user.

Master of Pwn

No Pwn2Own contest would be complete without crowning a Master of Pwn, which signifies the overall winner of the competition. Earning the title results in a slick trophy, a different sort of wearable, and brings with it an additional 65,000 ZDI reward points (instant Platinum status in 2026).

For those not familiar with how it works, points are accumulated for each successful attempt. While only the first demonstration in a category wins the full cash award, each successful entry claims the full number of Master of Pwn points. Since the order of attempts is determined by a random draw, those who receive later slots can still claim the Master of Pwn title – even if they earn a lower cash payout. As with previous contests, there are penalties for withdrawing from an attempt once you register for it. If the contestant decides to remove an Add-on Bonus during their attempt, the Master of Pwn points for that Add-on Bonus will be deducted from the final point total for that attempt.

The Complete Details

The full set of rules for Pwn2Own Automotive 2025 can be found here. They may be changed at any time without notice. We highly encourage potential entrants to read the rules thoroughly and completely should they choose to participate. We also encourage contestants to read this blog covering what to expect when participating in Pwn2Own.

Registration is required to ensure we have sufficient resources on hand at the event. Please contact ZDI at pwn2own@trendmicro.com to begin the registration process. (Email only, please; queries via social media, blog post, or other means will not be acknowledged or answered.) If we receive more than one registration for any category, we’ll hold a random drawing the day before the contest to determine the contest order. Registration closes at 5:00 p.m. Japanese Standard Time on January 16, 2025.

The Results

We’ll be blogging and tweeting results in real-time throughout the competition. Be sure to keep an eye on the blog for the latest information. We’ll also be posting live results on Twitter, Mastodon, LinkedIn, and Bluesky, so follow us on your favorite social platform for the latest news, and keep an eye on the #P2OAuto hashtag for continuing coverage.

We look forward to seeing everyone in Tokyo, and we look forward to seeing what new exploits and attack techniques they bring with them.

With special thanks to our Pwn2Own Automotive 2025 partners, Tesla, for providing their assistance and technology. Thanks also to the researchers from VicOne for their guidance and recommendations.

©2024 Trend Micro Incorporated. All rights reserved. PWN2OWN, ZERO DAY INITIATIVE, ZDI, and Trend Micro are trademarks or registered trademarks of Trend Micro Incorporated. All other trademarks and trade names are the property of their respective owners.