The Information Highway

The Information Highway

Font size: +
2 minutes reading time (495 words)

QNAP, Synology, Lexmark devices hacked on Pwn2Own Day 3

The third day of Pwn2Own Ireland 2024 continued to showcase the expertise of white hat hackers as they exposed 11 zero-day vulnerabilities, adding $124,750 to the total prize pool, which now stands at $874,875.


Pwn2Own, a global hacking competition, challenges top security researchers to exploit a range of software and hardware devices, with the ultimate goal of earning the prestigious "Master of Pwn" title and claiming up to $1 million in rewards.

On Day 1, participants uncovered 52 zero-day vulnerabilities, and on Day 2, another 51 zero-days were added.

Yesterday, the competition saw impressive performances from teams representing Viettel Cyber Security, DEVCORE, and PHP Hooligans/Midnight Blue, among others.

The day kicked off with success for Ha The Long and Ha Anh Hoang from Viettel Cyber Security, who exploited the QNAP TS-464 NAS using a single command injection vulnerability. This successful attack earned them $10,000 and 4 Master of Pwn points.

Pumpkin Chang and Orange Tsai from the DEVCORE Research Team combined three exploits—a CRLF injection, an authentication bypass, and a SQL injection—to take control of the Synology BeeStation. Their complex exploit rewarded them with $20,000 and 4 points.

PHP Hooligans / Midnight Blue used an out-of-bounds write and a memory corruption bug to perform a "SOHO Smashup." They managed to go from the QNAP QHora-322 router to a Lexmark printer, ultimately printing their own "banknotes," earning the team $25,000 and 10 Master of Pwn points.

Bill printed on hacked Lexmark device
Source: Zero Day Initiative

Later in the day, Viettel Cyber Security delivered another success, exploiting the Lexmark CX331adwe printer using a type confusion vulnerability, adding $20,000 and 2 more points to their tally.

Collisions and failed attempts

However, not all exploit attempts went smoothly, and the third day had its share of collisions, where multiple teams used the same vulnerabilities to compromise devices.

STEALIEN Inc. successfully compromised a Lorex camera, but the bug they leveraged had already been used, reducing their payout to $3,750 and awarding only 1.5 points.

Viettel Cyber Security also encountered a collision when they exploited a Canon printer using a stack-based buffer overflow, which had been previously demonstrated. This earned them $5,000 and 1 point.

Viettel Cyber Security and ANHTUD faced challenges when time ran out before they could complete their exploits, both while attempting to breach the Ubiquiti AI Bullet within the allotted time.

With just 15 attempts remaining in the schedule for Day 4, participants have nearly exhausted the prize pool, but there are still over $125,000 in awards up for grabs.

As the contest enters its final phase, Viettel Cyber Security is comfortably leading in the standings, having over twice the amount of points contenders DEVCORE, Neodyme, Summoning Team, and Ret2 Systems have gathered thus far.

At the end of Day 3, the event revealed 114 zero-day vulnerabilities, showcasing the critical role of such competitions in strengthening the security of consumer devices.

Amazon seizes domains used in rogue Remote Desktop...
UnitedHealth says data of 100 million stolen in Ch...

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Tuesday, 05 November 2024

Captcha Image

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023