Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

IoT Security

Tesla Charger Exploits Earn Hackers $129,000 at Pwn2Own

Hackers earned more than $700,000 on the first two days of Pwn2Own Automotive 2025 for EV charger and infotainment exploits.

Pwn2Own Tesla charger exploits

Significant rewards were earned by researchers on the second day of the Pwn2Own Automotive 2025 hacking competition organized this week by Trend Micro’s Zero Day Initiative (ZDI) in Tokyo, Japan. 

A total of $335,500 was paid out on the second day of the event, which, with the $382,750 awarded on the first day, brings the total to $718,250.

Of the second day’s total, $129,500 was earned for exploits targeting Tesla’s Wall Connector charger. 

One team earned $50,000 — the maximum amount for hacking the Tesla Wall Connector — for taking over the device and crashing it. 

Another team earned $45,000 for what ZDI described as an inventive Tesla charger exploit that leveraged the charging connector. 

Two other teams earned $22,500 and $12,500 rewards for hacking Tesla EV chargers — the amounts are smaller because the exploits involved previously known bugs.  

One more attempt to hack the Tesla Wall Connector is scheduled for Friday, which could add another $50,000 to the $129,500, if the exploit is successful.

Other significant rewards were earned on the second day for Wolfbox ($50,000), Phoenix Contact ($25,000), Autel ($23,000) EV charger exploits. 

At Pwn2Own Automotive 2025, no one is scheduled to attempt a Tesla vehicle hack, for which the organizers had been prepared to hand out a car and up to $500,000 in cash for an autopilot exploit.

Advertisement. Scroll to continue reading.

At last year’s event, participants earned a total of $1.3 million for exploits targeting Teslas, EV chargers and infotainment systems.

Related: Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities

Related: Over $1 Million Paid Out at Pwn2Own Ireland 2024

Related: Synology, QNAP, TrueNAS Address Vulnerabilities Exploited at Pwn2Own Ireland

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

The US arm of networking giant TP-Link has appointed Adam Robertson as Director of Information and Security.

Cyber exposure management firm Armis has promoted Alex Mosher to President.

Software giant Atlassian has named David Cross as its new CISO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.