At this year’s Pwn2Own competition, our team from the IoT Inspector Research Lab successfully identified three previously unknown vulnerabilities in the Cisco RV340 router, thereby gaining control over the device (remote code execution via authorization bypass and command injection).
By exploiting these vulnerabilities, attackers could gain access to corporate networks and spy on sensitive data, for example. This popular business router is used by thousands of companies all over the world.
All details will be published after the standardized 90-day disclosure period, during which the manufacturer has the opportunity to fix the vulnerabilities.
Big up to the IoT Inspector Research Lab for their great success!
Internationally renowned competition
Pwn2Own is one of the most renowned hacker competitions in the world. It is organized by the Zero Day Initiative and has been held bi-annually since 2007.
Participants are invited to uncover new vulnerabilities in common software and wireless devices. For this year’s event, 22 participants submitted 58 hacks – more than ever before. Many manufacturers cooperate with the renowned hack event and voluntarily put their devices up for attacks to improve the security of their products.