Welcome to the third and final day of Pwn2Own Automotive 2025. Over the past two days, we have awarded $718,250 for 39 unique 0-days. Sina Kheirkhah has a commanding lead for Master of Pwn, but anything can happen. Here’s a look at today’s results…
SUCCESS - Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) used a single bug to exploit the ChargePoint EV charger. He earns himself another $25,000 and 5 Master of Pwn points.
SUCCESS - The Synacktiv (@Synacktiv) team used a single integer overflow to exploit the Sony IVI. Their work earns them another $10,000 and 2 Master of Pwn points.
SUCCESS/COLLISION - Bongeun Koo (@kiddo_pwn) of STEALIEN used three bugs to exploit the Ubiquiti charger, but two were already known. He still wins $26,750 and 4.5 Master of Pwn points.
SUCCESS - Thanh Do (@nyanctl) of Team Confused was able to confuse the Alpine iLX-507 with a single stack buffer overflow. The unique bug earns him $10,000 and 2 Master of Pwn points.
SUCCESS - The PHP Hooligans again show their expertise by using a single OS command injection bug to exploit the Kenwood DMX958XR. Their final attempt of the contest earns them another $10,000 and 2 Master of Pwn points.
SUCCESS/COLLISION - Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of fuzzware.io used a two-bug chain - including an uninitialized variable - to exploit the WOLFBOX EV charger. However, one of these bugs was previously known. They earn $18,750 and 2 Master of Pwn points.