Galaxy S22 got hacked on Pwn2Own 2022 competition

Currently, the consumer-focused Pwn2Own 2022 competition is being held in Toronto, Canada. On the second day of this competition, the most-recent flagship of Samsung, the “Galaxy S22”, was hacked again. Besides Samsung’s flagship, they also revealed exploits targeting the zero-day vulnerabilities in the routers, printers, smart speakers, and network-attached storage (NAS) devices of HP, NETGEAR, Synology, Sonos, TP-Link, Canon, Lexmark, and Western Digital.

Let us tell you; this is not the first time when the Galaxy S22 series has been hacked in this competition; rather, it’s the third time when the series got hacked. They used an improper validation attack to hack this series and won a total of 25,000$, 50% of the total prize money. The actual prize money decided for this series was 50,000$, but it was deducted in half due to its more-than-one-time hacking. Apart from Samsung Galaxy S22, devices like Apple iPhone 13 and Google Pixel 6 are also included in the mobile device category in this competition.

On the first day of this competition, the STAR Labs team and a contestant named Chim hack the Galaxy S22 series

. They have used two other zero-day exploits as a part of the successful improper input validation attacks against this series. Not only in this one but in all three cases of its hacking, the rules were the same, which are, the device will be booted with the latest OS version with all the available updates installed in it. Albeit, this series will once again be included in the test by hackers with the Pentest Limited and Qrious Secure teams on the third day of the competition.

See more

STAR Labs was able to execute their improper input validation attack on their 3rd try against the Samsung Galaxy S22. They earn $50K and 5 Master of Pwn points. #P2OToronto #Pwn2Own

The team got a great video of the exploit attempt: https://t.co/69It9QBOy2 pic.twitter.com/20WyVDuV5b

— Zero Day Initiative (@thezdi) December 6, 2022