Samsung

Pwn20wn: Galaxy S23 Was Hacked Twice In The Competition

Last year, the Pwn2Own hacking competition managed to crack the Samsung Galaxy S22 series in just 55 seconds – and this year the S23 series hasn’t fared much better either.

Vulnerabilities In Devices

There were numerous zero-day and exploit demonstrations on the first day of the competition. Overall, the experts will face the challenges again over four days and identify security gaps in smartphones, tablets, printers, routers, and network storage.

The competition is aimed at consumer devices and is therefore also an indicator of the security of the devices that each of us uses at home. Security researchers hacked the Samsung Galaxy S23 twice on the first day of the Pwn2Own 2023 hacking competition in Toronto, Canada.

Pentest Limited was the first team to demonstrate a zero-day vulnerability on the Samsung flagship Galaxy S23 by exploiting an input validation vulnerability to gain code execution. There was a $50,000 reward for this.

The STAR Labs SG team also exploited input validation to crack a Samsung Galaxy S23. The prize was $25,000 (half the price of the second round, in which the same device was attacked). According to the Pwn2Own Toronto 2023 competition rules, all target devices must be running the latest operating system versions and have all security updates installed.

It can now be expected that new updates will be published shortly for the vulnerabilities shown.

Also shown were exploits and vulnerabilities that targeted zero-days in Xiaomi’s 13 Pro smartphone, as well as printers, smart speakers, NAS devices, and surveillance cameras from Western Digital, QNAP, Synology, Canon, Lexmark, and Sonos.

The full list includes mobile phones (e.g. the Apple iPhone 14, Google Pixel 7, Samsung Galaxy S23, and Xiaomi 13 Pro), printers, wireless routers, network-attached storage (NAS) devices, home automation hubs, surveillance systems, smart Speakers as well as Google’s Pixel Watch and Chromecast devices, all in their standard configuration and with the latest security updates.

$300,000 for hacking the iPhone 14

By the way, the highest rewards are again for zero-day bugs in the mobile phone category, with cash prizes of up to $300,000 for hacking the iPhone 14 and $250,000 for the Pixel 7. But no successes have been reported for this yet – that could be but will change soon.

Share
Published by
Yasir Zeb

Recent Posts

Crash in the smartphone market: lowest sales figures in 13 years

The global smartphone market is experiencing a severe downturn, recording its worst quarter in 13…

14 hours ago

Pixel 11: Mega leak shows images and data from the new Google smartphones

Amazon made a big mistake and revealed the entire lineup of the Google Pixel 11…

14 hours ago

Top 10 Payment Card Tools for Everyday Digital Finance

A payment card is easiest to understand when users see how it fits into real…

20 hours ago

OnePlus is ‘dead’: Oppo wants to soon announce its withdrawal from the EU & USA

OnePlus will soon be history. At least in Europe and the USA. What has been…

20 hours ago

Switch 2 OLED: Nintendo is apparently planning a display upgrade after all

Nintendo is reportedly still internally planning an OLED version of the Switch 2 for the…

20 hours ago

Maps: Google launches major visual update with immersive navigation

Google appears to be starting to distribute the new immersive navigation for Google Maps. The…

20 hours ago