PROBABLYPWNED
Vulnerabilities · January 22, 2026 · 4 min read

Pwn2Own Automotive 2026 Day Two: 66 Zero-Days, $955K in Prizes

Researchers demonstrated 29 new zero-day exploits on Day Two at Pwn2Own Automotive in Tokyo, targeting EV chargers, infotainment systems, and Automotive Grade Linux.

Marcus Chen

Day Two of Pwn2Own Automotive 2026 in Tokyo wrapped up with researchers earning $439,250 for demonstrating 29 new zero-day vulnerabilities across EV charging infrastructure, in-vehicle infotainment systems, and automotive operating systems. The two-day total now stands at $955,750 for 66 unique vulnerabilities, with one day of competition remaining.

The annual contest, co-located with Automotive World at Tokyo Big Sight, challenges security researchers to find and exploit previously unknown vulnerabilities in real automotive equipment under controlled conditions.

Day Two Highlights

Fuzzware.io holds its lead in the Master of Pwn standings after successful demonstrations against the Phoenix Contact CHARX SEC-3150 and the ChargePoint Home Flex. Consistent results across both days have put the team ahead, though several others are within striking distance heading into the final day.

The Technical Debt Collectors pulled off one of the more complex chains of the day, combining an out-of-bounds read, memory exhaustion, and a heap overflow to compromise Automotive Grade Linux for $40,000. That three bugs were needed reflects the layered mitigations in modern automotive platforms; it also shows that those mitigations give way once a researcher can chain several weaker primitives into one reliable exploit.

Synacktiv, which compromised the Tesla Infotainment System on Day One, returned with a stack-based buffer overflow against the Autel MaxiCharger, earning $30,000. The French team has consistently performed well at Pwn2Own events across the automotive, browser, and enterprise categories.

Other notable demonstrations included:

  • FuzzingLabs: Authentication bypass and privilege escalation chain on Phoenix Contact for $20,000
  • Team MAMMOTH: Command injection against the Alpine iLX-F511 for $10,000
  • Neodyme AG: Buffer overflow achieving privileged code execution on the Sony XAV-9500ES for $10,000
  • Hank Chen of InnoEdge Labs: Exposed dangerous method on the Alpitronic HYC50 for $40,000
  • BoredPentester: Two-bug chain exploiting charging connector protocol manipulation on the Grizzl-E Smart 40A for $20,000

EV Charger Security Under Scrutiny

EV charging infrastructure continues to be a focal point of the competition. Researchers successfully compromised chargers from ChargePoint, Phoenix Contact, Alpitronic, Autel, and Grizzl-E across the first two days.

The security implications extend beyond individual chargers. As charging networks scale and integrate with smart-grid infrastructure, a flaw that is remotely exploitable across a fleet of chargers could be used for billing fraud, for denial of service against the charging infrastructure itself, or, if enough chargers can be made to start and stop load in concert, for attacks on the broader electrical grid.

The contest's Level 3 EV Charger category specifically targets DC fast chargers found at public charging stations, while Level 2 chargers represent residential and commercial AC units. Both categories saw successful compromises, indicating systemic security challenges across the EV charging ecosystem.

Day One Recap

Day One set the pace with $516,500 awarded for 37 zero-day vulnerabilities. Synacktiv's Tesla Infotainment System hack grabbed headlines, with the team chaining an information leak and out-of-bounds write to gain root access.

Other Day One successes included Team DDOS compromising three different charging systems, and Fuzzware.io hacking the Alpitronic HYC50, Autel MaxiCharger, and Kenwood navigation receiver in a single session.

The 37 zero-days from Day One represent a significant amount of vulnerability discovery concentrated in a single day, though some entries will be scored as collisions where more than one team independently found the same flaw, or where the vendor already knew of it.

What to Watch on Day Three

The final day will determine the Master of Pwn, the researcher or team that earns the most points across the competition. Fuzzware.io leads, but points scale with the value of the target, leaving room for other teams to close the gap.

Remaining targets include additional attempts against Tesla's infotainment system, the Open Charge Alliance's OCPP Compliance Test Tool (a new category for 2026), and various automotive operating system implementations.

For organizations in the automotive sector, the vulnerabilities demonstrated at Pwn2Own go through Trend Micro's Zero Day Initiative coordinated disclosure process. ZDI provides vendors with the vulnerability details so they can develop patches before public disclosure, typically under a 90-day window, so operators of the affected targets should expect firmware updates in the months after the event.

Why This Matters

Automotive cybersecurity has matured significantly since the first car hacking demonstrations a decade ago, but Pwn2Own Automotive shows that a large attack surface remains. The 66 zero-days found in just two days, with one day still to go, demonstrate that even security-conscious vendors have gaps.

For security teams in automotive supply chains, the vulnerability classes being exploited (buffer overflows, command injection, authentication bypass) are not novel. They are well-understood bug classes that secure development practices, code review, and fuzzing of the network-facing parsers should catch before a product ships.
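To make that concrete, the following is an added example written for this article, not code from any contest target or vendor. It shows two of the bug classes named above in the shape they typically take in device firmware: a fixed-size stack buffer filled from a network message without a length check (the stack-based buffer overflow pattern), and a user-supplied host interpolated into a shell command (command injection). Each vulnerable function is shown beside a hardened form that bounds the copy, rejects over-long input instead of silently truncating, and allow-lists the characters it accepts. The field size, function names and the sample inputs are all hypothetical.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical fixed-size field, sized the way a charger firmware might size an
 * RFID tag or session id. Not taken from any product in the contest. */
#define TAG_MAX 20

/* VULNERABLE pattern: an id taken from a network message is copied into a
 * fixed stack buffer with no length check. Any input longer than TAG_MAX
 * overruns `tag` (a stack-based buffer overflow). Shown for contrast only;
 * never call it with untrusted input. */
int vulnerable_store_tag(const char *id_from_network) {
    char tag[TAG_MAX + 1];
    strcpy(tag, id_from_network);      /* unbounded copy */
    return (int)strlen(tag);
}

/* HARDENED form: the length is measured with a bound, over-long input is
 * rejected rather than silently truncated, the content is checked against an
 * allow-list, the copy is bounded and the buffer is always NUL-terminated.
 * Returns the stored length, or -1 if the id was rejected. */
int hardened_store_tag(const char *id_from_network) {
    char tag[TAG_MAX + 1];
    if (id_from_network == NULL) return -1;

    size_t n = 0;
    while (n <= TAG_MAX && id_from_network[n] != '\0') n++;  /* bounded scan */
    if (n == 0 || n > TAG_MAX) return -1;                     /* empty or too long */

    for (size_t i = 0; i < n; i++) {
        if (!isalnum((unsigned char)id_from_network[i])) return -1;  /* allow-list */
    }
    memcpy(tag, id_from_network, n);
    tag[n] = '\0';
    return (int)n;
}

/* VULNERABLE pattern: a user-supplied host is interpolated into a shell
 * command string. If that string ever reaches system() or popen(), an input
 * such as "10.0.0.1; reboot" runs a second command. */
int vulnerable_build_ping(const char *host, char *cmd, size_t cmd_len) {
    return snprintf(cmd, cmd_len, "ping -c 1 %s", host);
}

/* HARDENED form: validate the host against an allow-list of hostname
 * characters before use and reject a leading '-' (ping would parse it as an
 * option). The caller should then run ping via execve() with an argv array
 * rather than through a shell, so no interpretation of metacharacters happens. */
bool is_safe_host(const char *host) {
    if (host == NULL) return false;
    size_t n = strlen(host);
    if (n == 0 || n > 253 || host[0] == '-') return false;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)host[i];
        if (!(isalnum(c) || c == '.' || c == '-')) return false;
    }
    return true;
}

int main(void) {
    /* Constructed inputs: a benign id, an over-long id, and an injection attempt. */
    const char *ok_id   = "ABC123";
    const char *long_id = "ABCDEFGHIJKLMNOPQRSTUVWXY";   /* 25 chars, more than TAG_MAX */
    const char *bad_id  = "ABC;123";

    printf("hardened_store_tag(%s) = %d\n", ok_id, hardened_store_tag(ok_id));
    printf("hardened_store_tag(25-char id) = %d\n", hardened_store_tag(long_id));
    printf("hardened_store_tag(%s) = %d\n", bad_id, hardened_store_tag(bad_id));
    /* vulnerable_store_tag(long_id) would overflow the stack; only the short id is safe to pass. */
    printf("vulnerable_store_tag(%s) = %d\n", ok_id, vulnerable_store_tag(ok_id));

    char cmd[128];
    vulnerable_build_ping("10.0.0.1; reboot", cmd, sizeof cmd);
    printf("vulnerable command string: \"%s\"\n", cmd);
    printf("is_safe_host(\"10.0.0.1; reboot\") = %d\n", is_safe_host("10.0.0.1; reboot"));
    printf("is_safe_host(\"charger01.example.net\") = %d\n", is_safe_host("charger01.example.net"));
    return 0;
}
```

The point of the hardened forms is not the specific checks but the shape: every untrusted field has a declared maximum, the length is established before anything is copied, rejection is explicit rather than a silent truncation that may break a later parser, and anything destined for a shell or an external tool is allow-listed and passed as an argument vector. Those are exactly the properties a code reviewer or a fuzzer harness on the message parser would have flagged before the device shipped.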

The competition serves as both a vulnerability discovery mechanism and a benchmark for automotive security maturity. Vendors whose products survive the competition can take some confidence in their security posture. Those whose products fall should be investing in root cause analysis to prevent similar issues in future products.

Day Three begins tomorrow at Automotive World. The final tally of zero-days and prize money will set the benchmark for automotive security for the rest of 2026.
