Windows 10, iOS 15, Google Chrome, Apple Safari, Microsoft Trade Server, and Ubuntu 20 ended up successfully damaged into applying primary, in no way-prior to-observed exploits at the Tianfu Cup 2021, the fourth version of the international cybersecurity contest held in the metropolis of Chengdu, China.
Targets this yr incorporated Google Chrome operating on Windows 10 21H1, Apple Safari jogging on Macbook Pro, Adobe PDF Reader, Docker CE, Ubuntu 20/CentOS 8, Microsoft Trade Server 2019, Windows 10, VMware Workstation, VMware ESXi, Parallels Desktop, iPhone 13 Pro running iOS 15, domestic mobile telephones running Android, QEMU VM, Synology DS220j DiskStation, and ASUS RT-AX56U router.
The Chinese edition of Pwn2Have was started in 2018 in the wake of governing administration regulation in the place that barred security researchers from participating in worldwide hacking competitions because of nationwide security problems.
With the exception of Synology DS220j NAS, Xiaomi Mi 11 smartphone, and an unnamed Chinese electric car, attacks have been mounted efficiently towards just about every other concentrate on —
- Adobe PDF Reader
- Apple iPhone 13 Pro (managing iOS 15)
- Apple Safari
- ASUS RT-AX56U
- Docker CE
- Google Chrome
- Microsoft Trade Server
- Microsoft Windows 10
- Parallels Desktop
- QEMU VM
- Ubuntu 20/CentOS 8
- VMware ESXi
- VMWare Workstation
The two-day match, which took area in excess of the weekend on Oct 16 and 17, noticed security researchers successful 1.88 million in prize revenue, with Kunlun Lab getting the leading spot ($654,500) for demonstrating successful exploits in iOS 15, such as a remote code execution flaw in cellular Safari in just 15 seconds. Researchers from the cybersecurity organization also pwned Google Chrome “to get Windows program kernel amount privilege with only two bugs,” Kunlun Lab’s CEO @mj0011) tweeted.
Team PangU emerged second with a full haul of $522,500 for demonstrating off a distant jailbreak in iPhone13 Pro running iOS 15, marking the to start with time the recently produced iPhone product has been cracked at a public forum, although the Vulnerability Investigate Institute (VRI) arrived 3rd with $392,500.
Particulars of the flaws have not been designed general public, but the companies are anticipated to release patches for the newly uncovered flaws in the approaching months.
Located this article interesting? Stick to THN on Facebook, Twitter and LinkedIn to read through extra special content we post.
Some components of this write-up are sourced from: