For 63 zero-days at Pwn2Own Toronto, hackers earn $989.750

Competitors have earned $989,750 from Pwn2Own Toronto 2222 for the 63 zero-day exploits and multiple bug collisions that targeted consumer products. This was between December 6th through December 9th.

26 security teams and researchers targeted devices within the mobile, home automation hubs and printers categories.

Although no one signed up for hacking the Apple iPhone 13 or Google Pixel 6 phones, contestants were able to hack a Samsung Galaxy S22 fully patched four times.

Infected Samsung flagship phone with zero-day , the STAR Labs team discovered it and executed an incorrect input validation attack. They earned $50,000 and five Master of Pwn points.

Chim (another contestant) demonstrated a more powerful exploit against the Samsung Galaxy S22 during the first day.

Pentest Limited . Security researchers Interrupt Labs, Pentest Limited and Pentest Limited also hack the Galaxy S22 during the third and fourth days of the contest.

Today was the final day of Pwn2Own Toronto 20,22. Contestants earned $989,750 for their 63 zero-day exploits in multiple categories.

Throughout the contest hackers successfully demonstrated exploits that target zero-day bugs on devices made by multiple vendors such as Canon, HP and Mikrotik.

The complete competition schedule , and each day’s program and results for Pwn2Own Toronto 2022 are available here .

Vendors are allowed 120 days from the time they are notified of zero-day vulnerabilities discovered during Pwn2Own.

Team DEVCORE won the contest with $142,500 in cash and 18.5 Master of Pwn point. Team Viettel is next with $82,500, 16.5 points, and NCC Group EDG (78.750 and 15.5 respectively) on the leaderboard.

Pwn2Own Toronto 2022 Final Leaderboard (ZDI)