
Day 2 of Pwn2Own Automotive moved into high gear. Following an action-packed Day 1 that delivered 37 unique zero-day vulnerabilities, Day 2 added another 29, bringing the total to 66 unique zero-days uncovered so far. This sets a new benchmark for the competition, surpassing the previous record of 49 zero-days discovered over an entire three-day event in prior years.
Attempts on Alpitronic Level 3 Chargers and IVI Systems
Early on Day 2, InnoEdge and Xilokar successfully targeted the Alpitronic HYC50 charger operating in Lab Mode. While both teams have prior experience competing at Pwn2Own events, this marked their first engagement with automotive cybersecurity targets. Hank Chen of InnoEdge Labs demonstrated a successful exploit by leveraging an exposed dangerous method within the charger’s Lab Mode interface, while Xilokar succeeded by exploiting a single vulnerability.
Figure 1. InnoEdge successfully exploits Alpitronic HYC50 in Lab Mode
Figure 2. Xilokar successfully exploits Alpitronic HYC50 in Lab Mode
Momentum continued with Fuzzware.io, which succeeded against the Phoenix Contact CHARX SEC-3150, exploiting three vulnerabilities with two add-on techniques and accumulating seven points. The team also achieved successful exploits against the ChargePoint Home Flex (CPH50-K), leveraging a command injection vulnerability with the Charging Connector Protocol / Signal Manipulation add-on, as well as against the Grizzl-E Smart 40A charger.
Figure 3. Fuzzware.io gets 7 Master of Pwn points for exploiting the Phoenix Charger
Synacktiv brought a surprise by tapping an NFC card and successfully exploiting the Autel MaxiCharger AC Elite Home 40A with the Charging Connector Protocol / Signal Manipulation add-on.
Sina Kheirkhah, Master of Pwn 2025 and a member of Summoning Team, returned to the Pwn2Own stage with a strong showing in Round 6. Kheirkhah successfully targeted the Kenwood DNR1007XR by exploiting a command injection vulnerability. He also secured a Full Win against the ChargePoint Home Flex (CPH50-K), exploiting two vulnerabilities using the Charging Connector Protocol / Signal Manipulation add-on, and successfully exploited two unique vulnerabilities to gain root access to the Alpine iLX-F511.
| Attempt | Category | Result |
|---|---|---|
| Team DDOS targeting Kenwood DNR1007XR | In-Vehicle Infotainment (IVI) Systems | Success |
| Team MAMMOTH targeting Alpine iLX-F511 | In-Vehicle Infotainment (IVI) Systems | Success |
| FuzzingLabs targeting Phoenix Contact CHARX SEC-3150 | Level 2 Electric Vehicle (EV) Chargers | Success |
| InnoEdge Labs targeting Alpitronic HYC50 | Level 3 Electric Vehicle (EV) Chargers | Success |
| Autocrypt targeting Grizzl-E Smart 40A with Charging Connector Protocol / Signal Manipulation add-on | Level 2 Electric Vehicle (EV) Chargers | Failed |
| Neodyme targeting Sony XAV-9500ES | In-Vehicle Infotainment (IVI) Systems | Success |
| Summoning Team targeting Kenwood DNR1007XR | In-Vehicle Infotainment (IVI) Systems | Success |
| Viettel Cyber Security targeting Alpine iLX-F511 | In-Vehicle Infotainment (IVI) Systems | Success / Collision |
| BoredPentester targeting Grizzl-E Smart 40A with Charging Connector Protocol / Signal Manipulation add-on | Level 2 Electric Vehicle (EV) Chargers | Success / Collision |
| Fuzzware.io targeting Phoenix Contact CHARX SEC-3150 with add-on | Level 2 Electric Vehicle (EV) Chargers | Success |
| Xilokar targeting Alpitronic HYC50 | Level 3 Electric Vehicle (EV) Chargers | Success |
| PHP Hooligans / Midnight Blue targeting Autel MaxiCharger AC Elite Home 40A with Charging Connector Protocol / Signal Manipulation add-on | Level 2 Electric Vehicle (EV) Chargers | Success / Collision |
| 78ResearchLab targeting Kenwood DNR1007XR | In-Vehicle Infotainment (IVI) Systems | Success / Collision |
| GMO Cybersecurity by Ierae, Inc. targeting Alpine iLX-F511 | In-Vehicle Infotainment (IVI) Systems | Success / Collision |
| BoB::Takedown targeting Grizzl-E Smart 40A | Level 2 Electric Vehicle (EV) Chargers | Success / Collision |
| Autocrypt targeting Autel MaxiCharger AC Elite Home 40A with Charging Connector Protocol / Signal Manipulation add-on | Level 2 Electric Vehicle (EV) Chargers | Failed |
| Technical Debt Collectors targeting Automotive Grade Linux | Automotive Operating Systems | Success |
| Fuzzware.io targeting ChargePoint Home Flex (Model CPH50-K) with Charging Connector Protocol / Signal Manipulation add-on | Level 2 Electric Vehicle (EV) Chargers | Success |
| BoredPentester targeting Kenwood DNR1007XR | In-Vehicle Infotainment (IVI) Systems | Success |
| Qrious Secure targeting Alpine iLX-F511 | In-Vehicle Infotainment (IVI) Systems | Success / Collision |
| Synacktiv targeting Autel MaxiCharger AC Elite Home 40A with Charging Connector Protocol / Signal Manipulation add-on | Level 2 Electric Vehicle (EV) Chargers | Success |
| Team DDOS targeting Phoenix Contact CHARX SEC-3150 with Charging Connector Protocol / Signal Manipulation add-on | Level 2 Electric Vehicle (EV) Chargers | Success / Collision |
| Petoworks targeting Alpine iLX-F511 | In-Vehicle Infotainment (IVI) Systems | Failed |
| Summoning Team targeting ChargePoint Home Flex (Model CPH50-K) with Charging Connector Protocol / Signal Manipulation add-on | Level 2 Electric Vehicle (EV) Chargers | Success |
| Fuzzware.io targeting Grizzl-E Smart 40A with Charging Connector Protocol / Signal Manipulation add-on | Level 2 Electric Vehicle (EV) Chargers | Success / Collision |
| Petoworks targeting Kenwood DNR1007XR | In-Vehicle Infotainment (IVI) Systems | Success / Collision |
| BoB::Takedown targeting Phoenix Contact CHARX SEC-3150 | Level 2 Electric Vehicle (EV) Chargers | Success / Collision |
| Summoning Team targeting Alpine iLX-F511 | In-Vehicle Infotainment (IVI) Systems | Success |
| ZIEN targeting ChargePoint Home Flex (Model CPH50-K) | Level 2 Electric Vehicle (EV) Chargers | Success / Collision |
| Evan Grant targeting Grizzl-E Smart 40A with Charging Connector Protocol / Signal Manipulation add-on | Level 2 Electric Vehicle (EV) Chargers | Success / Collision |
Table 1. The complete contest results of Pwn2Own Automotive 2026 Day Two
(Note: An attempt is designated a “collision” if it involves a non-unique vulnerability (discovered by another researcher or previously known). An attempt marked as a “success/collision” involves a combination of unique and previously known vulnerabilities.)
What Day 2 Reveals: From Possibility to Repeatability
Day 2 of Pwn2Own Automotive 2026 confirms that automotive and EV charging vulnerabilities are no longer isolated or theoretical. Successful exploits were repeatable across teams and targets, relying on common weaknesses such as exposed interfaces, debug modes, and command injection rather than rare or highly complex zero-days. This shift highlights how quickly simple flaws can be operationalized at scale across the automotive ecosystem.
Automotive Cybersecurity Demos
At Pwn2Own Automotive 2026, a virtual demo led by Jay Turla, Principal Security Researcher at VicOne, and facilitated by Tsutomu Shimizu, Senior Manager of Cyber Threat Research at TrendAI, showcased three technical demonstrations exposing vulnerabilities across vehicle systems, IoT gateways, and EV charging infrastructure. Together, the demos illustrated how weaknesses in protocols, firmware, and interfaces can translate directly into real-world operational risk.
Figure 4. Tsutomu Shimizu, Senior Manager of Cyber Threat Research at TrendMicro, facilitates the Demo at the Pwn2Own Booth
The first demo, Bluetooth Fuzzing on IVI Systems, applied structured fuzzing techniques to Bluetooth Low Energy (BLE) and Classic Bluetooth implementations in in-vehicle infotainment platforms. Without requiring elevated privileges, researchers triggered livelocks, temporary denial-of-service conditions, and unstable connectivity—highlighting how low-level protocol flaws, while not safety-critical, can still undermine system stability and user experience in ways standard validation often misses.
The second demo, CVE-2025-48466 Modbus Packet Injection, showed how a vulnerability in the Advantech WISE 4060LAN IoT gateway could allow attackers to replay or inject Modbus commands to manipulate connected devices such as doors and lifts. The scenario underscored how protocol-level weaknesses in operational technology can lead to disruption and potential safety risks if interfaces are exposed and firmware is not properly maintained.
These demos reinforce what Pwn2Own Automotive Day 2 reveals about simple attack paths and common weaknesses.
With contributions from Dustin Childs of the ZDI (for details taken from ZDI blog)