The second and final day of the 2014 Mobile Pwn2Own competition was held in Tokyo and two security researchers targeted Windows Phone and Android. Both achieved partial pwnage, succeeding at controlling one aspect of their respective systems but unable to gain comprehensive control.

First, Nico Joly was the sole competitor to take on Windows Phone (the Lumia 1520) this year, entering with an exploit aimed at the browser. He was successfully able to exfiltrate the cookie database; however, the sandbox held and he was unable to gain full control of the system.

The second and final competitor, Jüri Aedla, most recently presented a successful Firefox attack in the Pwn2Own competition Vancouver this spring. In Tokyo, he presented an approach utilizing wi-fi on his target system (a Nexus 5 running Android) However, he was unable to elevate his privileges further than their original level.

All exploits were, as always, confirmed by the Zero Day Initiative and immediately disclosed to the affected companies.

During the first day of the competition, five teams succesfully broke security protections on the Amazon Fire Phone, iPhone 5S, LG Nexus 5 and the Samsung S5.