Security

Networking Devices Are “Bleeding” at the Virtual ‘Pwn2Own’ Tokyo 2020

By Bill Toulas / November 7, 2020

COVID-19 has compelled Pwn2Own organizers (Trend Micro) to postpone the event that was to take place in Tokyo this year, so it’s gone virtual and coordinated by the Zero Day Initiative from Toronto, Canada. Two of the three days of the white-hacking competition are already behind us, with routers and NAS storage products being exploited via multiple newly discovered vulnerabilities.

Here are the detailed results of the event thus far:

'Trapa Security' hacking NETGEAR Nighthawk R7800, Source: ZDI

Related: Hackers Are Massively Hijacking SIP Servers for Profit

Today, the hacking teams will attempt to hack into the Western Digital My Cloud Pro Series PR4100, NETGEAR Nighthawk R7800 router, Western Digital My Cloud Pro Series PR4100, Sony X800 television, and the Synology DiskStation DS418Play NAS. If you want to watch the attempts live, there’s a Twitch stream and a live stream on YouTube.

'Viettel' attempting to hack a Samsung TV, Source: ZDI

Remember, Pwn2Own is a hacking contest meant to help promote security and provide a checkpoint on the vendors' progress. In many cases, Pwn2Own is used as a platform to compare the security of different products of the same category, like web browsers or smartphones. The winners get to win the device they exploited along with a cash prize, and vendors get to have the discovery and the opportunity to fix zero-day bugs.



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: