Pwn2Own 2021 Day 2 – experts earned $200K for a zero-interaction Zoom exploit

Pierluigi Paganini April 08, 2021

Pwn2Own 2021 – Day 2: a security duo earned $200,000 for a zero-interaction Zoom exploit allowing remote code execution.

One of the most interesting working exploits of the second day of Pwn2Own 2021 was demonstrated by security researchers Daan Keuper and Thijs Alkemade from Computest. The duo successfully targeted Zoom Messenger in the Enterprise Communications category: the white-hat hackers chained three bugs to get code execution on the target system without user interaction. The duo earned $200,000 and received 20 Master of Pwn points.

In the attack scenario the victim receives a meeting invitation, but the bug chain is triggered even if the victim does not click anything.

The second highest payout of the day was assigned to the security researchers Bruno Keith and Niklas Baumstark of Dataflow Security who earned $100,000 for demonstrating an exploit for Chrome and Microsoft Edge web browsers.

“The team used a Type Mismatch bug to exploit the Chrome renderer and Microsoft Edge. Same exploit for both browsers. They earn $100,000 total and 10 Master of Pwn points,” states the post published on the official site of the competition.

Jack Dates from RET2 Systems and Sunjoo Park (aka grigoritchy) exploited a logic bug to execute code on the underlying operating system through Parallels Desktop. The experts earned $40,000 and received 4 Master of Pwn points.

Manfred Paul earned $30,000 and 3 points towards Master of Pwn targeting Ubuntu Desktop: the hacker exploited an OOB Access bug to escalate to the root user on Ubuntu Desktop.

Day two ended with the success of a researcher who uses the moniker z3r09 targeting Windows 10. z3r09 exploited an integer overflow issue to escalate his permissions up to NT Authority\SYSTEM. He earned $40,000 and 4 Master of Pwn points.

The only partial success of the day was the result of the attempt of Team Viettel targeting Microsoft Exchange in the Server category.

Team Viettel successfully demonstrated their exploit on the Exchange server, but some of the bugs chained by the team had been previously reported in the contest. The team still received 7.5 Master of Pwn points.

On the first day of the competition, participants earned more than half a million dollars for demonstrating five working exploits out of seven attempts.
