Pwn2Own Automotive 2026: Researchers Earn $1 Million for 76 Zero-Days in Connected Vehicles and EV Chargers
Security researchers collected over $1 million for responsibly disclosing 76 zero-day vulnerabilities targeting connected vehicles, EV chargers, and automotive systems at Pwn2Own Automotive 2026 in Tokyo.
The Trend Micro Zero Day Initiative (ZDI) hosted Pwn2Own Automotive 2026 in Tokyo last week, where security researchers from around the world demonstrated and responsibly disclosed 76 zero-day vulnerabilities targeting connected vehicles, electric vehicle (EV) chargers, in-vehicle infotainment systems, and automotive operating systems. Contestants earned a total of $1,047,000 in prizes, with the team from Fuzzware.io taking home the Master of Pwn title and $215,000 for their exploits.
The event, co-hosted by VicOne and sponsored by Tesla with support from Alpitronic and the Open Charge Alliance, focused on the rapidly expanding attack surface of modern vehicles. As connected cars become ubiquitous, the volume of data they send and receive raises significant privacy and safety concerns for manufacturers and consumers alike. Pwn2Own Automotive provides a controlled environment for researchers to uncover critical flaws before malicious actors can exploit them.
Among the standout demonstrations, the French team Synacktiv chained an information leak with an out-of-bounds write vulnerability to compromise the Tesla Infotainment system in the USB-based attack category. In a Pwn2Own first, Synacktiv also used NFC to target the Autel MaxiCharger AC Elite Home 40A EV charger, exploiting the Charging Connector Protocol/Signal Manipulation add-on to achieve code execution.
Fuzzware.io, the eventual Master of Pwn winners, chained two vulnerabilities to achieve code execution on the same Autel MaxiCharger AC Elite Home 40A EV charger and manipulate the ChargePoint signal. These demonstrations highlight the growing risk posed by EV charging infrastructure, which often runs embedded software with limited security hardening and is increasingly connected to home and enterprise networks.
The disclosed vulnerabilities have been reported to the respective vendors for patching. TrendAI ZDI uses disclosures from Pwn2Own to protect its customers from zero-day exploits an average of 71 days ahead of the rest of the cybersecurity industry, according to the company. This proactive approach is central to TrendAI's mission to deliver faster threat intelligence.
"Proactive security is at the center of our mission to protect customers and the world from cyber threats faster than any other security provider," said Rachel Jin, Chief Platform and Business Officer at TrendAI. "Connected assets are rapidly becoming an integral part of the digital world, and we're proud to bring together security experts at Pwn2Own to push threat research forward."
The event underscores the critical importance of securing the automotive supply chain, from infotainment systems to charging infrastructure. As vehicles become increasingly software-defined, the attack surface expands, making events like Pwn2Own Automotive essential for identifying and mitigating vulnerabilities before they can be weaponized in real-world attacks.