VicOne and Zero Day Initiative Co-Host World’s Largest Zero-Day Vulnerability Discovery Contest, Pwn2Own Automotive 2025

January 21, 2025
VicOne
VicOne and Zero Day Initiative Co-Host World’s Largest Zero-Day Vulnerability Discovery Contest, Pwn2Own Automotive 2025

Participants for Pwn2Own Automotive 2025 have been selected: The world’s leading security researchers from 13 countries take on the challenge of uncovering zero-day vulnerabilities in SDVs and their ecosystem

VicOne Corporation (Shinjuku, Tokyo, CEO: Max Cheng), a subsidiary of Trend Micro Inc. (Shinjuku, Tokyo, CEO: Eva Chen) and an automotive cybersecurity solutions leader, will hold the zero-day vulnerability discovery contest Pwn2Own Automotive 2025 from Wednesday, January 22, to Friday, January 24, 2025, in collaboration with Trend Micro’s vulnerability discovery community, Zero Day Initiative (ZDI). Twenty-two teams (including individual participants) from 13 countries around the world will participate in the contest.

In this contest, world-class security researchers will conduct security challenges to target devices in three categories: In-vehicle infotainment (IVI) systems, electric vehicle (EV) chargers, and operating systems (OS). Participants/Teams must find unknown, undisclosed, and unreported vulnerabilities in the target devices/systems in each category, and points and cash prizes will be awarded for successful challenges. The participant/team with the most points at the end of the contest will be awarded the title of “Master of Pwn.”

At last year’s inaugural edition, Pwn2Own Automotive 2024, the world’s top cybersecurity researcher team Synacktiv, from France, won the competition with a total of 50 points and was awarded the title of Master of Pwn. This year, 22 teams (including individual participants) from 13 countries will take on the challenge of finding unknown vulnerabilities.

What is Pwn2Own Automotive 2025?

Pwn2Own Automotive 2025 is based on the Zero Day Initiative (ZDI) platform, in which world-class security researchers conduct real-world testing of the latest automotive technologies to discover zero-day vulnerabilities. This enables early detection of zero-day vulnerabilities before they appear on underground markets and prompt countermeasures to prevent damage from cyberattacks, thereby contributing to improving product security.

It also stimulates research by offering security researchers widespread praise for their achievements in vulnerability discovery, with cash prizes totaling over US$1 million, and improves the overall level of security by training security personnel through experience in a hands-on environment.

Pwn2Own Automotive 2025 Event Overview

Pwn2Own Automotive 2025

Dates: January 22 (Wednesday) – 24 (Friday), 2025

Venue: Tokyo Big Sight, East Exhibition Hall 6 (in Automotive World 2025)

Website: https://vicone.com/pwn2own-automotive

Automotive World 2025

Dates: January 22 (Wednesday) – 24 (Friday), 2025, 10:00 a.m. – 5:00 p.m. JST

Venue: Tokyo Big Sight, East Exhibition Hall 6

Website: https://www.automotiveworld.jp/tokyo/ja-jp.html#/

For more information on Pwn2Own Automotive and its rules, please visit https://www.zerodayinitiative.com/Pwn2OwnAuto2025Rules.html.

About Trend Micro (Trend ZDI)

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro’s AI-powered cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, Trend’s platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,000 employees across 70 countries, Trend Micro enables organizations to simplify and secure their connected world. For more information, visit www.trendmicro.com.

About VicOne

With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry. Purpose-built to address the rigorous needs of automotive manufacturers and suppliers, VicOne solutions are designed to secure and scale with the specialized demands of the modern vehicle. As a Trend Micro subsidiary, VicOne is powered by a solid foundation in cybersecurity drawn from Trend Micro’s 30+ years in the industry, delivering unparalleled automotive protection and deep security insights that enable our customers to build secure as well as smart vehicles. For more information, visit vicone.com.

Media Contact
Myla Pilao
myla_pilao@vicone.com

Our News and Views

Gain Insights Into Automotive Cybersecurity

  • Get CRA-Ready: One Platform to Simplify CRA Compliance
    Blog
    July 14, 2025
    The EU Cyber Resilience Act (CRA) has set cybersecurity requirements focusing on Products with Digital Elements (PDE). This means that manufacturers within the supply chain must monitor and report vulnerabilities once discovered. Otherwise, a fine of a substantial financial penalty will be imposed. In this landscape, what manufacturers need is a solution that offers proactive Vulnerability and SBOM Management.
    Read More
  • CVE-2025-6019: A Privilege Escalation Flaw With Implications for AGL and the Future of SDVs
    Blog
    June 25, 2025
    A recently disclosed Linux flaw shows how seemingly ordinary bugs are starting to affect software-defined vehicles (SDVs). We unpack CVE-2025-6019, its impact on Automotive Grade Linux (AGL), and what it means for in-vehicle cybersecurity.
    Read More
  • Replicating RAMN Using a Single STM32 Board: A Hands-On Exploration
    Blog
    May 26, 2025
    Replicating the core functions of a full-scale Resistant Automotive Miniature Network (RAMN) using just a single STM32 board is a practical, cost-effective way to dive into advanced in-vehicle networking. In this hands-on guide, we run through the step-by-step setup, enabling engineers and enthusiasts alike to prototype resilient automotive communication systems with minimal hardware.
    Read More
  • LockBit Ransomware Group Data Leak: Implications for Automotive Cybersecurity
    Blog
    May 21, 2025
    A recent breach of the LockBit ransomware group exposed chat logs, offering a rare inside look at how victims were targeted and extorted. Automotive companies featured prominently among those attacked. We unpack the key findings and outline practical steps that automotive companies can take to block LockBit attacks or similar incidents.
    Read More
Visit Our Blog

Accelerate Your Automotive Cybersecurity Journey Today

Contact Us