Pwn2Own Vancouver 2023 – The Full Schedule

Welcome to Pwn2Own Vancouver for 2023! This year’s event promises some exciting research as we have 19 entries targeting nine different targets – including two Tesla attempts. For this year’s event, every round will pay full price, which means if all exploits succeed, we’ll award over $1,000,000 USD. As always, we began our contest with a random drawing to determine the order of attempts. If you missed it, you can watch the replay here.

The complete schedule for the contest is below (all times Pacific [GMT -8:00]).

Note: All times subject to change

Wednesday, March 22 – 1000

AbdulAziz Hariri (@abdhariri) of Haboob SA (@HaboobSa) targeting Adobe Reader in the Enterprise Applications category for $50,000 and 5 Master of Pwn points

Wednesday, March 22 – 1030

last_minute_pwnie targeting Ubuntu Desktop in the EoP category for $30,000 and 3 Master of Pwn points

Wednesday, March 22 – 1100

STAR Labs (@testanull) targeting Microsoft SharePoint in the Server category for $100,000 and 10 Master of Pwn points

Wednesday, March 22 – 1130

Qrious Security targeting Oracle VirtualBox in the Virtualization category for $40,000 and 4 Master of Pwn points

Wednesday, March 22 – 1310

Synacktiv (@Synacktiv) targeting Tesla – Gateway (Ethernet Attack Surface Only) in the Automotive category for $100,000 and 10 Master of Pwn points and a Tesla Model 3

Wednesday, March 22 – 1400

STAR Labs (@testanull) targeting Ubuntu Desktop in the EoP category for $30,000 and 3 Master of Pwn points

Wednesday, March 22 – 1500

Marcin Wiązowski targeting Microsoft Windows 11 in the EoP category for $30,000 and 3 Master of Pwn points

Wednesday, March 22 – 1530

Synacktiv (@Synacktiv) targeting Apple macOS in the EoP category for $40,000 and 4 Master of Pwn points

Thursday, March 23 – 1000

Synacktiv (@Synacktiv) targeting Oracle VirtualBox with a Host EoP Add-on in the Virtualization category for $90,000 and 9 Master of Pwn points

Thursday, March 23 – 1100

Team Viettel targeting Microsoft Teams in the Enterprise Communications category for $75,000 and 8 Master of Pwn points

Thursday, March 24 – 1240

Synacktiv (@Synacktiv) targeting Tesla – Infotainment Unconfined Root in the Automotive category for $150,000 and 15 Master of Pwn

Thursday, March 23 – 1400

Team Viettel (rskvp93)targeting Oracle VirtualBox in the Virtualization category for $40,000 and 4 Master of Pwn points

Thursday, March 23 – 1500

Synacktiv (@Synacktiv) targeting Ubuntu Desktop in the EoP category for $30,000 and 3 Master of Pwn points

Friday, March 24, 0930

Kyle Zeng from ASU SEFCOM targeting Ubuntu Desktop in the EoP category for $30,000 and 3 Master of Pwn points

Friday, March 24 – 1000

STAR Labs (@testanull) targeting Microsoft Teams in the Enterprise Communications category for $75,000 and 8 Master of Pwn points

Friday, March 24 – 1100

Synacktiv (@Synacktiv) targeting Microsoft Windows 11 in the EoP category for $30,000 and 3 Master of Pwn points

Friday, March 24 – 1200

Mingi Cho of Theori targeting Ubuntu Desktop in the EoP category for $30,000 and 3 Master of Pwn points

Friday, March 24 – 1230

STAR Labs (@testanull) targeting VMware Workstation in the Virtualization category for $80,000 and 8 Master of Pwn points

Friday, March 24 – 1430

Qrious Security targeting Ubuntu Desktop in the EoP category for $30,000 and 3 Master of Pwn points

We’ll be publishing results live on the blog as the contest unfolds. We’ll also be posting brief video highlights to Twitter, YouTube, Mastodon, LinkedIn, and Instagram, so follow us on your favorite flavor of social media for the latest news from the event.

   Blog post Zero Day Initiative – Blog 

More To Explore

RoyalTSX 6.0.1 RTSZ File Handling Heap Memory Corruption

RoyalTSX version 6.0.1 suffers from an RTSZ file handling heap memory corruption vulnerability. The application receives SIGABRT after the RAPortCheck.createNWConnection() function is handling the SecureGatewayHost

We can help improve your Business

Ensure your Organization Assets are well  protected in front of the Cyber Attacks

Delivery Workflow

Register for Free and get your test done withn 24 to 48 hours

See Workflow

Sample Report

Here is a sample report of a Security Testing Engagement

See Sample Report PDF

Work Request

Order your security test and Get Your Report

Get Your Test Report
Generated by Feedzy