Development Micro’s Zero Day Initiative (ZDI) on Thursday introduced {that a} new Pwn2Own Automotive hacking contest shall be held subsequent January, through the Automotive World occasion in Tokyo. The entire prize pool exceeds $3 million.
Safety researchers will compete in six classes on the competitors, together with a brand new supercharger class and one other centered on Open Cost Alliance’s OCPP Compliance Take a look at Device (OCTT).
Tesla will once more be current on the occasion, and researchers competing on this class could have the possibility to drive a Tesla automobile house, along with profitable prizes of as much as $500,000.
The best rewards, nevertheless, will solely be handed out to researchers in a position to remotely hack the automobile’s autopilot, acquiring unconfined root entry. Acquiring solely full distant management over the autopilot (with out the foundation bonus) will earn researchers $400,000 in money and a Tesla automobile.
Hacking any of a Tesla automobile’s digital management items (ECU) and controlling CAN bus communication may additionally earn researchers $400,000 in money and a Tesla automobile.
There are 16 prizes provided within the Tesla class, seven of which embody a automobile. There are additionally three addons that researchers can earn, together with one among $100,000 for arbitrary management over the CAN bus, and two of $50,000 every for persistent root entry on the infotainment and autopilot techniques.
“Contestants can register an entry in opposition to the Tesla Mannequin 3/Y (Ryzen-based) equal bench prime unit, and it wouldn’t shock me if somebody must run their exploits in an RF enclosure to stop interference with autos that is likely to be driving by,” ZDI notes.
Researchers can earn prizes of as much as $20,000 for profitable exploits demonstrated within the in-vehicle infotainment (IVI) class, because the IVI techniques hook up with different inner automobile techniques by the CAN bus.Commercial. Scroll to proceed studying.
At Pwn2Own Automotive 2026, bug hunters will be capable of goal an Aplitronic supercharger within the Stage 3 electrical automobile (EV) chargers class and earn prizes of as much as $60,000.
Eight charging stations, wall connectors, and chargers shall be accessible for hacking within the Stage 2 EV chargers class, every promising prizes of as much as $40,000. A number of further challenges are additionally accessible on this class, with prizes of as much as $20,000.
“An try on this class have to be launched in opposition to the goal’s uncovered companies or in opposition to the goal’s communication protocols/bodily interfaces which might be accessible to a typical consumer,” ZDI explains.
A completely new class subsequent yr would be the Open Cost Alliance class, wherein researchers can goal the Open Cost Level Protocol (OCPP), which unifies communication between cost factors and central techniques. A profitable exploit in opposition to it could actually earn researchers a $15,000 award.
As a part of the sixth class, Automotive Working Methods, bug hunters could have the possibility to hack into Automotive Grade Linux, BlackBerry QNX, and Android Automotive OS, to earn financial rewards of as much as $60,000.
researchers are inspired to learn the total Pwn2Own Automotive 2026 guidelines, in addition to ZDI’s weblog on what collaborating in Pwn2Own entails.
Associated: Microsoft Provides $5 Million at Zero Day Quest Hacking Contest
Associated: VMware Struggles to Repair Flaw Exploited at Chinese language Hacking Contest
Associated: Second Pwn2Own Automotive Contest Provides Over $1 Million in Prizes
Associated: $2.5 Million Provided at Upcoming ‘Matrix Cup’ Chinese language Hacking Contest
