(Credit: Zero Day Initiative)
One of the big showcases of this week's Pwn2Own Automotive conference was a group of researchers hacking a Tesla's infotainment system, which earned them $35,000.
The third annual Pwn2Own Automotive, run by the Zero Day Initiative, is underway in Tokyo, with 73 security teams competing. Researchers racked up over half a million dollars in prizes in the first 24 hours of the show, BleepingComputer reports, and Tesla EVs are a top target.
The Synacktiv Team took home $35,000 after successfully linking several zero-day exploits to hack a Tesla using a USB-based attack. That team also gained root-level access to the Sony XAV-9500ES digital media receiver and earned another $20,000 for their trouble.
Although many of the hacking groups at the show have used infotainment systems to gain unauthorized access to various vehicles, that's not the only attack vector they've exploited. The Fuzzware.io team hacked the Autel MaxiCharger car charger, securing a $50,000 reward. Other groups hacked the Phoenix Contact charging connector and the Grizzl-E Smart smart charger.
The top team for day one was Fuzzware, with a cool $118,000 in prize money.
Despite the packed show this year, it remains to be seen if the totals awarded will match what's come before. The first show in 2024 saw over $1.3 million collected in security bounties, but the 2025 show handed out $886,000. In 2026, the show has only given out $516,500 in bonuses and prize money so far. Is this is an indication that vehicle digital security is improving?
Companies that have had their technologies exploited at the show now have 90 days to patch them before the Zero Day Initiative releases the data publicly. There are 37 zero-day flaws being showcased at the conference, so developers need to get cracking.
Follow along for updates from the show on the Zero Day blog and X feed.