
topicnews · October 23, 2024

Hackers exploit 52 zero-days on day one of Pwn2Own Ireland


On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across various devices and won cash prizes totaling $486,250.

Viettel Cyber Security took an early lead, scoring 13 points in the battle for the “Master of Pwn” title. The team’s Phudq and Namnp exploited a Lorex 2K WiFi camera through a stack-based buffer overflow vulnerability and received $30,000 and 3 points.

Sina Kheirkhah from the Summoning Team stole the show with a chain of nine vulnerabilities from the QNAP QHora-322 router to the TrueNAS Mini

Jack Dates of RET2 Systems followed with a successful out-of-bounds (OOB) write exploit on the Sonos Era 300 smart speaker, securing $60,000 and 6 points. His exploit allowed complete control over the device.

A second attempt by Viettel Cyber Security chained four new bugs to pivot from the QNAP QHora-322 router to the TrueNAS Mini X, earning the team another $50,000 and 10 points.

Other notable attempts from Pwn2Own’s first day include:

  • Team Neodyme used a stack-based buffer overflow to target the HP Color LaserJet Pro MFP 3301fdw printer. Their success was rewarded with $20,000 and 2 points.
  • PHP Hooligans / Midnight Blue earned $20,000 for exploiting a Canon imageCLASS MF656Cdw printer using a single bug.
  • ANHTUD’s ExLuck joined the leaderboard with four new bugs, including improper certificate validation and a hard-coded cryptographic key, to exploit the QNAP TS-464 NAS device. This entry earned $40,000 and 4 Master of Pwn points.
  • On the surveillance front, Rapid7’s Ryan Emmons and Stephen Fewer successfully exploited the Synology DiskStation DS1823xs+ through an improper neutralization of argument delimiters flaw, earning $40,000 and 4 points.

However, the first day was not without challenges and partial failures. The Summoning Team struggled to execute its QNAP TS-464 and Synology BeeStation BST150-4T exploits within the allotted time, while Synacktiv experienced a bug collision with its Lorex 2K camera exploit, resulting in a reduced payout of $11,250.

Ranking

Despite a few setbacks, the first day of Pwn2Own Ireland 2024 was full of high-stakes hacks with rewards to match.

The competition continues for three days, during which participants will try to exploit security issues in fully patched SOHO devices, including printers, NAS systems, Wi-Fi cameras, routers, smart speakers and mobile phones (Samsung Galaxy S24), competing for the $1 million prize pool.