Hacking NewsNewsSecurityVulnerabilities

Pwn20wn: Zero-Day Found in Samsung Galaxy S9, iPhone X, Xiaomi Mi 6

Pwn2Own is a computer hacking contest held annually and this year hackers discovered 18 vulnerabilities and earned $325,000 in this event.

There were iPhone X, Samsung Galaxy S9, Xiaomi Mi6 which got pawned this year’s Pwn2Own Tokyo 2018.

There were teams from different countries or representing different companies and disclosed total of 18 vulnerabilities in mobile devices by Apple, Samsung, Xiaomi and those vulnerabilities allowed them to own root access.

Day #1

Two security researchers, Amat Cama and Richard Zhu managed to exploit the vulnerability and fully pawned iPhone X.

Afterward, the Fluoroacetate team proceeded to exploit another mobile phone, Samsung Galaxy S9. They utilized a heap overflow in the baseband segment to get code execution on the mobile. This hack earned the group another $50,000 USD and 15 more points towards Master of Pwn. Fluoroacetate also hacked iPhone – JIT (Just-In-Time) vulnerability in the internet browser pursued by an Out-Of-Bounds write for the sandbox break and escalation. This hack brought them another $60,000 USD and 10 extra Master of Pwn points.

Georgi Geshev, Fabi Beterke, and Rob Miller (MWR Labs)

Other than the Fluoroacetate team, another team MWR Labs (Georgi Geshev, Fabi Beterke, and Rob Miller) from UK excessively attempted their luck on Xiaomi 6 and Samsung Galaxy S9. On Xiaomi 6, they did code execution exploit through Wi-Fi that forced the default internet browser to redirect to a certain page. They chained different bugs together to silently install an application through JavaScript, bypass the application whitelist, and begin the application installation automatically. This hack earned them $30,000 USD and 6 Master of Pwn points.

The MWR Labs group additionally joined three bugs to exploit the Samsung Galaxy S9 over Wi-Fi. They redirected the user and forced them to unsafe application to install there custom application. But they failed at first attempt, but they were successful in second attempt, which earned them $30,000 USD and 6 more Master Pwn points.

Michael Contreras, a security researcher who was last entry of the day, got $25,000 USD and 6 Master of Pwn points for hacking the Xiaomi Mi 6 web browser via javascript type confusion flaw.

Day #2

Another day at Pwn20wn started with more exploiting and vulnerabilities in iPhone X and Xiaomi Mi 6 by Fluoroacetate team.

Their first iPhone X 0-day combined a JIT bug in web browser along with the out-of-bounds access that resulted in deleted photo exfiltrated from the iPhone X. This vulnerability which they exploited got them $50,000 USD.

Noor Qureshi

Experienced Founder with a demonstrated history of working in the computer software industry. Skilled in Network Security and Information Security.

Related Articles

Back to top button