Pwn2Own 2025: Hackers Exploit 29 Zero-Days, $1.13M Awarded in EV Tech Showdown
January 22, 2025
The Pwn2Own Automotive 2025 competition is currently underway in Tokyo, running from January 22 to January 24, and organized by Trend Micro's Zero Day Initiative.
During the event, researchers have already earned a staggering $1,132,500 by exploiting 29 zero-day vulnerabilities, with Synacktiv taking home $200,000 and a Tesla Model 3 for a rapid hack of the ECU.
The first day of the contest saw participants exploit 16 unique zero-day vulnerabilities, resulting in cash awards totaling $382,750.
Notably, $129,500 of the second day's earnings was specifically awarded for successful exploits targeting Tesla's Wall Connector charger.
The PHP Hooligans team earned $50,000 for exploiting a zero-day vulnerability to take control of and crash the Tesla charger.
Sina Kheirkhah from the Summoning Team has secured $91,750 by hacking multiple EV chargers using a combination of zero-days, showcasing his skills as he leads in the Master of Pwn competition.
Fuzzware.io is also in the lead, having hacked the Autel MaxiCharger and Phoenix Contact CHARX SEC-3150, earning $50,000 and 10 Master of Pwn points.
The competition has highlighted vulnerabilities across various EV chargers, including those from manufacturers like WOLFBOX and ChargePoint.
After the competition, vendors will have a 90-day window to address the identified vulnerabilities before they are disclosed to the public.
These successful hacks underscore the increasing cybersecurity threats to electric vehicle infrastructure, despite Tesla's capabilities for over-the-air updates.
Several teams exploited known vulnerabilities, earning smaller rewards, which emphasizes the ongoing risks associated with unpatched systems.
In comparison, last year's event saw participants earn a total of $1.3 million for various Tesla-related exploits, including those targeting EV chargers and infotainment systems.
Summary based on 5 sources
Sources
BleepingComputer • Jan 22, 2025
Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025
BleepingComputer
Tesla EV charger hacked twice on second day of Pwn2Own Tokyo
SecurityWeek • Jan 22, 2025
Over $380,000 Paid Out on First Day of Pwn2Own Automotive 2025