Pwn2Own Vancouver 2019: Tesla, VMware, Microsoft, and More

January 14, 2019 | Brian Gorenc

Starting in 2007, Pwn2Own has evolved from a small demonstration with prizes averaging around $10,000 per exploit, to one of the most well-known security contests in the industry, with millions of dollars of cash and prizes made available to contestants over the years. The contest serves as more than just an annual check-in on the state of browser and OS security. It also guides researchers as we add new categories and increase cash awards. Over the years, new veins of security research were mined after being a target of Pwn2Own. We saw that with exploit techniques like sandbox escapes, mitigation bypasses, and guest-to-host OS escalations. This year, on March 20-22 at the CanSecWest conference, we hope to see that research expand into our newest category, Automotive with the addition of the Tesla Model 3, which has quickly become the best-selling car in its class in the United States.  

That’s right. We’ll have a Tesla Model 3 on-site as a target for our automotive category, which has six different focal points for in-scope research (details below). Tesla essentially pioneered the concept of the connected car with their Model S sedan, and in partnership with Tesla, we hope to encourage even more security research into connected vehicles as the category continues to expand. Prizes range from $35,000 to $300,000 depending on a variety of factors including the exploit used. And the first successful researcher can also drive off in their own brand new Model 3 after the competition ends. See the rules section below for specific target categories and awards.

Cars aren’t the only thing providing a big payout this year. Microsoft returns as a partner for 2019 and leads the virtualization category with a $250,000 award for a successful Hyper-V Client guest-to-host escalation. With that much cash, you can get your own Model 3 – or a few in multiple colors. VMware also returns as a Pwn2Own sponsor for 2019, and this year, we’ll have VMware ESXi alongside VMware Workstation as a target with awards of $150,000 and $70,000 respectively. Oracle VirtualBox rounds out this category with a prize of $35,000. Cloud computing relies on virtualization, as do many other critical computing functions. We’ve seen guest-to-host OS escalations in the past two Pwn2Own contests. Here’s hoping we see more this year.

Web browsers are a traditional target for Pwn2Own Vancouver, and that remains the case for 2019. With the recent announcement of Microsoft moving to a Chromium-based engine, exploits on Google Chrome definitely earn a premium over Edge, Safari, and Firefox. A browser exploit ranges from $40,000 for Firefox up to $80,000 for Chrome. We’re also offering $80,000 for anyone who can successfully exploit Edge with a Windows Defender Application Guard (WDAG) specific escape from the WDAG container to the host OS – something we’ve never seen at Pwn2Own before. Contestants can add on another $70,000 if they escape the virtual machine and execute code on the host OS. Some say the browser is the gateway to the cloud. It’s certainly the gateway to online shopping. Either way, bugs in these products have a broad impact.

Enterprise applications also return as targets with Adobe Reader and various Office components, including Outlook, on the docket. Prizes in this category run from $40,000 for a Reader exploit, $60,000 for a successful Office entry, and $100,000 for Outlook. There’s a better than average chance that you use one (or more) of these applications in your average work day, making this category relevant to nearly everyone with a computer.

The Server Side category is much smaller this year with Microsoft Windows RDP as the only target. Most of our server side targets moved to our Targeted Incentive Program, so they no longer need to be included in Pwn2Own. Still, a successful RDP exploit will garner $150,000 for the contestant.

Finally, no Pwn2Own would be complete without crowning the Master of Pwn. Since the order of the contest is decided by a random draw, contestants with an unlucky draw could present great research, but receive less money since subsequent rounds go down in value. However, the points awarded for each successful entry do not go down. Someone could have a bad draw and still accumulate the most points. The person or team with the most points at the end of the contest will be crowned Master of Pwn, receive 65,000 ZDI reward points (instant Platinum status), a killer trophy, and a pretty snazzy jacket to boot.

The Contest Rules Details

This section covers the details of each category. Refer to the official rules for full details on what constitutes a successful demonstration for each category.

Automotive Category: Tesla Model 3

An attempt in this category must be launched against a Tesla Model 3 mid-range rear wheel drive vehicle. The available targets and awards are as follows:

— Entries against “Modem or Tuner”, “Wi-Fi or Bluetooth”, and “Gateway, Autopilot, or VCSEC” targets must achieve code execution by communicating with a rogue base station or other malicious entity.

— Entries against the “Infotainment” target must be launched from the target under test and must achieve code execution by browsing to malicious content.

— Entries against “Key Fobs or Phone-as-Key” target must achieve code execution, arbitrary vehicle unlock, or arbitrary vehicle start using protocol-related weaknesses. Entries related to Key Fob relay or “rolljam” attacks are not allowed.

Two add-on prizes are available in this category:

Along with the prize money, the first-round winner in this category will win a Tesla Model 3 mid-range rear-wheel drive vehicle.

Virtualization Category

An attempt in this category must be launched from within the guest OS and execute code on the host OS or in the hypervisor.

For Oracle VirtualBox, VMware Workstation, and Microsoft Hyper-V Client, both the guest and the host operating system will be running Microsoft Windows 10 RS5 x64. For VMware ESXi, the guest operating system will be running Microsoft Windows 10 RS5 x64. 

One add-on prize is available in this category:

To be eligible for this add-on prize, the kernel vulnerability used to escalate privileges on the host operating system must be different from any kernel vulnerability required to escape the virtualization target. 

Web Browser Category

An attempt in this category must be launched from the target under test. Launching an exploit from the command line is not allowed. Windows-based targets will be running in a VMware Workstation virtual machine.

One add-on prize is available in this category:

Enterprise Applications Category

An attempt in this category must be launched from the target under test. Launching an exploit from the command line is not allowed.

The Office targets will be running Microsoft Office 365 ProPlus x64 (Monthly Channel) on Windows 10 x64 and will have Protected View enabled. Adobe Reader will have Protected Mode and Protected View enabled. To be eligible for the prize associated with the Microsoft Outlook target, the attempt must successfully occur when syncing with a malicious mail server. 

Server Side Category

An attempt in this category must be launched from the contestant’s laptop within the contest network.


The complete rules for Pwn2Own 2019 are found here. As always, we encourage entrants to read the rules thoroughly if they choose to participate. If you are thinking about participating but have a specific configuration or rule-related questions, email us. Questions asked over Twitter or other means will not be answered. Registration is required to ensure we have sufficient resources on hand at the event. Please contact ZDI at to begin the registration process. Registration closes at 5 p.m. Pacific Time on March 14, 2019.

Be sure to stay tuned to this blog and follow us on Twitter for the latest information and updates about the contest. We look forward to seeing everyone in Vancouver, and we hope someone has a sweet ride home from this year’s Pwn2Own competition.

Rules updated on March 4th, 2019 to clarify successful attempts in the Automotive category.  

With special thanks to our Pwn2Own 2019 Partners Tesla and Microsoft

Thanks also to our Pwn2Own 2019 Sponsor VMware


©2019 Trend Micro Incorporated. All rights reserved. PWN2OWN, ZERO DAY INITIATIVE, ZDI and Trend Micro are trademarks or registered trademarks of Trend Micro Incorporated. All other trademarks and trade names are the property of their respective owners.