Here’s a breakdown of the key information from the provided text, focusing on the cash awards and zero-day exploits at the Pwn2Own Automotive hacking contest:
Key Highlights (as of the end of Day 2):
* Total Cash Awards: $955,750
* Total zero-Day Vulnerabilities Exploited: 66
* Unique Zero-Days Exploited: 29 (This is the specific answer to your question)
Leaderboard & Individual Awards (as of the end of Day 2):
* Fuzzware.io: $213,000 (+$95,000 on Day 2 for exploits on Phoenix Contact CHARX SEC-3150, ChargePoint Home Flex, and Grizzl-E Smart 40A) – Currently leads the competition.
* Sina Kheirkhah (Summoning Team): $40,000 (for exploits on Kenwood DNR1007XR, ChargePoint Home Flex, and Alpine iLX-F511)
* Rob Blakely (Technical Debt Collectors): $40,000 (for exploits on Automotive Grade Linux)
* Hank Chen (InnoEdge Labs): $40,000 (for exploits on Alpitronic HYC50)
* Synacktiv Team: $35,000 (Day 1 award for chaining an information leak and out-of-bounds write)
Targets:
* EV chargers (Phoenix Contact, ChargePoint, Grizzl-E, Alpitronic, Autel MaxiCharger)
* In-Vehicle Infotainment (IVI) systems (Kenwood, Alpine)
* Car Operating Systems (Automotive Grade Linux)
Day 3 Targets:
* Grizzl-E Smart 40A (Slow Horses of Qrious Secure, PetoWorks team)
* Alpitronic HYC50 (Juurin Oy team)
* Autel MaxiCharger (Ryo Kato)
