Security Research
Showing results for 
Search instead for 
Do you mean 

Mobile Pwn2Own 2014: The day two recap

Shannon_Sabens on ‎11-12-2014 08:30 PM

The second and final day of the 2014 Mobile Pwn2Own competition drew two veteran security researchers targeting Windows Phone and Android. Both achieved partial pwnage, succeeding at controlling one aspect of their respective systems but unable to gain comprehensive control.


First, Nico Joly – who refined his competition entry on the very laptop he won at this spring’s Pwn2Own in Vancouver as part of the VUPEN team – was the sole competitor to take on Windows Phone (the Lumia 1520) this year, entering with an exploit aimed at the browser. He was successfully able to exfiltrate the cookie database; however, the sandbox held and he was unable to gain full control of the system.


Our second and final competitor, Jüri Aedla, is also a Pwn2Own veteran, most recently presenting a successful Firefox attack in Vancouver this spring. In Tokyo, he presented an approach utilizing wi-fi on his target system (a Nexus 5 running Android) However, he was unable to elevate his privileges further than their original level.


All exploits were, as always, confirmed by the Zero Day Initiative and immediately disclosed to the affected companies. We invite everyone to check back with the HPSR blog during the coming weeks for more information on individual exploits from throughout the contest. For now, though, the Pwn2Own test bench is closed; we look forward to seeing everyone at the spring Pwn2Own contest during CanSecWest in Vancouver. Safe travel!


Figure 1: Packing up after another terrific competition. Thanks again to all.

0 Kudos
About the Author


Nov 29 - Dec 1
Discover 2016 London
Learn how to thrive in a world of digital transformation at our biggest event of the year, Discover 2016 London, November 29 - December 1.
Read more
Each Month in 2016
Software Expert Days - 2016
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all