Pwn2Own Berlin 2025: Windows 11, VMware, Firefox and Others Hacked


Pwn2Own Berlin 2025, hosted at the OffensiveCon conference, has concluded its first two days with notable achievements in cybersecurity research. A total of $695,000 has been awarded for 39 unique zero-day vulnerabilities, with the final day scheduled for Saturday, May 17.

On May 15, the competition commenced with 11 exploit attempts, including the first-ever AI category. Researchers earned $260,000 for successful demonstrations across various platforms.

  • Windows 11: Chen Le Qi of STAR Labs SG combined a use-after-free and integer overflow to escalate privileges to SYSTEM, earning $30,000 and 3 Master of Pwn points.
  • Red Hat Linux: Pumpkin from the DEVCORE Research Team exploited an integer overflow for privilege escalation, securing $20,000 and 2 points.
  • Oracle VirtualBox: Team Prison Break achieved a virtual machine escape via an integer overflow, receiving $40,000 and 4 points.
  • Docker Desktop: Billy and Ramdhan of STAR Labs demonstrated a container escape using a Linux kernel vulnerability, earning $60,000 and 6 points.
  • AI Category: Sina Kheirkhah of Summoning Team exploited the Chroma AI application database, marking the first success in this category and earning $20,000 and 2 points.

Additional awards were given for other successful exploits, including a type confusion bug in Windows 11 by Hyeonjin Choi of Out Of Bounds, who earned $15,000 and 3 points.

The second day, May 16, saw researchers uncovering 20 unique zero-day vulnerabilities, resulting in $435,000 in awards.

  • Microsoft SharePoint: Dinh Ho Anh Khoa of Viettel Cyber Security combined an authentication bypass and insecure deserialization to exploit SharePoint, earning $100,000 and 10 points.
  • VMware ESXi: Synacktiv demonstrated a successful exploit, securing $80,000 and 8 points.
  • NVIDIA Triton Inference Server: Mohand Acherir and Patrick Ventuzelo of FuzzingLabs earned $15,000 and 1.5 points for their exploit, which relied on a vulnerability that was known but unpatched.

Other successful exploits included attacks on Firefox, Redis, and additional AI systems (SecurityWeek).

Wrapping up Day Two of #Pwn2Own Berlin 2025. We’ve awarded $695,000 for 20 unique 0-days, with one more day to go! pic.twitter.com/x2oBfaSfKS

— Trend Zero Day Initiative (@thezdi) May 16, 2025

The final day, Saturday, May 17, is expected to feature remaining scheduled attempts, including further AI category exploits and other high-profile targets. With $695,000 already awarded, the total prize pool is projected to surpass $1,000,000.

As of the end of Day Two, STAR Labs SG leads the Master of Pwn standings, having demonstrated multiple successful exploits across various categories. The final standings will be determined after the conclusion of Day Three.

Pwn2Own Berlin 2025 has showcased the growing challenges in cybersecurity, highlighting the importance of proactive vulnerability research. The introduction of the AI category reflects the growing focus on securing emerging technologies.

Note: The above information is based on the latest available data from the Pwn2Own Berlin 2025 event. For detailed results and updates, refer to the Zero Day Initiative’s official blog.

HackRead
