Building on the success of its 2024 debut, which uncovered 49 zero-day vulnerabilities, the competition aims to strengthen automotive cybersecurity by discovering and addressing previously unknown vulnerabilities in cutting-edge automotive technologies, including software-defined vehicles (SDVs).
“Together with ZDI, VicOne is contributing to building a safer future for software-defined vehicles,” said Max Cheng, CEO of VicOne. “By uncovering zero-day vulnerabilities, we facilitate early risk identification and mitigation, critical as the automotive sector evolves.”
A Platform for Innovation and Security
Pwn2Own Automotive invites elite security researchers to test real-world scenarios across four categories: Tesla vehicles, in-vehicle infotainment (IVI) systems, electric vehicle chargers, and operating systems. Successful participants must demonstrate code execution on targeted systems, earning prizes from a pool exceeding $1 million and the coveted title of “Master of Pwn.”
“This collaboration showcases ZDI’s commitment to addressing real-world cyberattack scenarios in partnership with VicOne’s unmatched automotive cybersecurity expertise,” said Brian Gorenc, Vice President of Threat Research at Trend Micro, VicOne’s parent company.
Participants must identify vulnerabilities that are entirely unknown and unreported. Contest registration, including submission of a white paper detailing testing methods, closes on January 16, 2025, at 5:00 PM JST.
Beyond the Contest
VicOne will also feature its portfolio of cybersecurity solutions at the Consumer Electronics Show (CES) 2025 in Las Vegas, from January 7-10, highlighting its collaboration with P3 digital services for secure Android Automotive OS environments.