Welcome to Pwn2Own Vancouver 2023! We’ll be updating this blog in real time as results become available. We have eight attempts for today, including a SharePoint RCE and a Tesla exploit. We’re excited to say that all unique winning entries will receive the full payout during this year’s contest. We’ll update this blog throughout the day with results as they come in.
All results current as of 1130 Pacific (GMT -7)
SUCCESS - AbdulAziz Hariri (@abdhariri) of Haboob SA (@HaboobSa) completed his attack against Adobe Reader using a 6-bug logic chain exploiting multiple failed patches which escaped the sandbox and bypassed a banned API list. He earns $50,000 and 5 Master of Pwn points.
<img alt="" src="https://images.squarespace-cdn.com/content/v1/5894c269e4fcb5e65a1ed623/ef244948-5e68-480b-a0b6-86eb7e4991f1/AdobeReader.gif?format=1000w" />
FAILURE - last_minute_pwnie was unable to get their Ubuntu exploit working within the time allotted.
Article Link: Zero Day Initiative — Pwn2Own Vancouver 2023 - Day One Results