Security researchers successfully breached the Tesla Infotainment System and secured $516,500 in prizes after exploiting 37 zero-day vulnerabilities during the opening of the Pwn2Own Automotive 2026 competition.
37 zero-days in one event is remarkable for Tesla's infotainment system. The $516K payout underscores how seriously the industry is taking automotive cybersecurity now. What's interesting is the 90-day disclosure window - it creates real pressure on Tesla's security team to patch quickly while giving researchers proper recognition. The irony of course is that Tesla is generally considered one of the more security-conscious automakers. Imagine what Pwn2Own would find in legacy automotive systems without OTA update capabilities.
Exactly. This doesn’t say Tesla is insecure, it shows what happens when a system is open to real scrutiny and can actually be patched. The more worrying question is the cars that can’t fix zero-days at all.
37 zero-days in one event is remarkable for Tesla's infotainment system. The $516K payout underscores how seriously the industry is taking automotive cybersecurity now. What's interesting is the 90-day disclosure window - it creates real pressure on Tesla's security team to patch quickly while giving researchers proper recognition. The irony of course is that Tesla is generally considered one of the more security-conscious automakers. Imagine what Pwn2Own would find in legacy automotive systems without OTA update capabilities.
Exactly. This doesn’t say Tesla is insecure, it shows what happens when a system is open to real scrutiny and can actually be patched. The more worrying question is the cars that can’t fix zero-days at all.