This year's Pwn2Own contest to target Tesla Model 3 with prizes of up to $250,000 per exploit

Tesla joined by Microsoft, Oracle, Adobe and VMware as targets in this year's Pwn2Own hacking contest

Tesla has put up its latest Model 3 electric vehicle as the top target in this year's Pwn2Own hacking contest at March's CanSecWest security conference.

Hackers can grab between $35,000 to $250,000 in prize money for demonstrating workable exploits, with the contestant pulling in the highest number of ‘Master of Pwn Points' for Tesla cracks also able to win a Tesla Model 3 for themselves.

The biggest prizes - of $250,000 - have been put up for any contestant cracking the security of Tesla Gateway, Autopilot or VCSEC, Tesla's Vehicle Controller Secondary module, winning execution rights in the process.

Successful attacks on the modem or tuner will attract prizes of $100,000; and an Autopilot denial of service - Autopilot being Tesla's self-driving system - will attract a prize of $50,000. Even the key fobs and ‘phone-as-key' have been put up for the event, with a prize of $100,000 for any able to demonstrate a successful attack.

Table (bordered)
Modem or tuner
$100,000
WiFi or Bluetooth
$60,000
Infotainment
$35,000-$85,000
Gateway, Autopilot or VCSEC
$250,000
Autopilot denial of service
$50,000
Key fobs or phone-as-key
$100,000
Persistence
$50,000
CAN bus
$100,000

As an add-on prize, Tesla has also put up $100,000 for any crack that can take control of the Model 3's CAN (Controller Area Network) bus, which forms the backbone of any modern ‘smart' vehicle.

There is also $50,000 up for grabs for cracks that can demonstrate persistence - the ability to maintain root control of the component even after a system reboot.

Oracle, VMware, Microsoft and Adobe are also taking part.

Microsoft is offering $250,000 for any successful Hyper-V client guest-to-host escalation. Microsoft is increasingly a cloud computing company, and it would be catastrophic for the company were any client to be able to exploit Hyper-V, which underlies Microsoft's cloud computing services, to be able to take full control of the host - and therefore all clients running under it.

The same goes for VMware and Oracle, which are also putting up their respective virtualisation software for Pwn2Own.

VMware specialises in virtualisation software and has put up VMware ESXi, alongside VMware Workstation as a target, with awards of $150,000 and $70,000 respectively for successful cracks. Oracle VirtualBox will also be there with prize money of $35,000 available - not quite enough to buy a Tesla Model 3 outright.

On top of that, a number of web browsers, Windows Defender Application Guard, Microsoft Outlook and Adobe Reader will also be in the stocks.

And the hacker with the first successful exploit of the event will also win a Tesla Model 3.