The Pwn2Own Automotive 2025 hacking competition organized this week by Trend Micro’s Zero Day Initiative (ZDI) in Tokyo, Japan, has come to an end, and participants have earned significant prizes for exploits targeting electric vehicle (EV) chargers, operating systems, and infotainment units.
White hat hackers have earned a total of $886,250 for demonstrating nearly 50 previously unknown vulnerabilities affecting Kenwood, Sony and Alpine infotainment units, and ChargePoint, Phoenix Contact, Autel, Ubiquiti, WolfBox and Tesla EV chargers.
There was a single exploit attempt in the OS category — it targeted Automotive Grade Linux and earned hackers $33,500.
Tesla Wall Connector charger exploits earned participating researchers more than $140,000, much of which was awarded on the second day of the event.
On the third day of Pwn2Own, hackers earned $168,000, including $35,000 for an Autel MaxiCharger exploit, and $26,750 for an Ubiquiti charger exploit, which were the highest payouts of the day.
The winning crew, Summoning Team, earned a total of $222,250.
No one attempted to hack a Tesla vehicle at Pwn2Own Automotive 2025, even though organizers had been prepared to hand out a car and hundreds of thousands of dollars in cash.
This suggests that Teslas are becoming more difficult to hack, as the prizes offered at Pwn2Own were significantly higher than what Tesla is typically offering through its bug bounty program.
At last year’s event, participants earned a total of $1.3 million for EV charger, infotainment system, and Tesla car exploits.
Related: Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities
Related: Over $380,000 Paid Out on First Day of Pwn2Own Automotive 2025
Related: Synology, QNAP, TrueNAS Address Vulnerabilities Exploited at Pwn2Own Ireland
