Best Cryptographic Attack

MEGA: Malleable Encryption Goes Awry

Practically exploitable cryptographic vulnerabilities in Matrix

Video-based cryptanalysis: Extracting Cryptographic Keys from Video Footage of a Device’s Power LED


Best Desktop Bug

CS:GO: From Zero to 0-day

CountExposure!

LPE and RCE in RenderDoc, CVE-2023-33865 & CVE-2023-33864


Best Privilege Escalation Bug

Bypassing Cluster Operation in Databricks Platform

UNCONTAINED: Uncovering Container Confusion in the Linux Kernel

URB Excalibur: Slicing Through the Gordian Knot of VMware VM Escapes


Best Remote Code Execution Bug

Checkmk RCE

ClamAV RCE

Unveiling Vulnerabilities in Windows Network Load Balancing: Exploring the Weaknesses


Best Song

Clickin’

Git Init

PegaSUS


Epic Achievement

Branch History Injection (BHI / Spectre-BHB)

Clement Lecigne: 0-days hunter world champion

Compromise of the whole PHP supply chain, twice


Lamest Vendor Response

Authentication Bypass in Mura CMS

Pinduoduo publishes spyware, denies it

Three Lessons From Threema: Analysis of a Secure Messenger


Most Epic Fail

“Holy fucking bingle, we have the no fly list,”

“I Was Sentenced to 18 Months in Prison for Hacking Back”

The disreputable … Jonathan Scott


Most Innovative Research

Inside Apple’s Lightning: Jtagging the iPhone for Fuzzing and Profit

Rowhammer Fingerprinting

Single Instruction Multiple Data Leaks in Cutting-edge CPUs, AKA Downfall


Most Under-Hyped Research

Activation Context Cache Poisoning

LPE and RCE in RenderDoc, CVE-2023-33865 & 33864

Perils and Mitigation of Security Risks of Cooperation in Mobile-as-a-Gateway IoT