Security researchers demonstrated 20 zero-day vulnerabilities across enterprise technologies during the first two days of Pwn2Own Berlin 2025, earning a total of $695,000 in rewards. High-profile targets included VMware ESXi, Microsoft SharePoint, Red Hat Enterprise Linux, and Mozilla Firefox.
The event, hosted as part of the OffensiveCon conference from May 15 to 17, marks the first time Pwn2Own introduced an AI category, with over $1 million in prizes available across various enterprise-related targets.
$435,000 Awarded on Day Two for New Zero-Day Exploits
Day two of the contest saw $435,000 awarded for successful exploitation of zero-day flaws in major platforms. Key highlights include:
- VMware ESXi Exploit
Nguyen Hoang Thach of STARLabs SG earned $150,000 after exploiting an integer overflow vulnerability in VMware ESXi.
- Microsoft SharePoint Breach
Dinh Ho Anh Khoa from Viettel Cyber Security received $100,000 for chaining two vulnerabilities — an authentication bypass and insecure deserialization — to hack Microsoft SharePoint.
- Mozilla Firefox Zero-Day
Palo Alto Networks’ Edouard Bochin and Tao Yan demonstrated a successful out-of-bounds write in Mozilla Firefox.
- Red Hat Enterprise Linux Privilege Escalation
Gerrard Tai from STARLabs SG leveraged a use-after-free flaw to escalate privileges to root.
- Oracle VirtualBox Guest-to-Host Escape
Another team from Viettel Cyber Security used an out-of-bounds write to escape the guest VM environment on Oracle VirtualBox.
AI Targets Successfully Hacked in New Category
The new AI category also saw action:
- Redis Exploitation
Wiz Research exploited Redis using a use-after-free zero-day.
- Nvidia Triton Inference Server
Qrious Secure chained four vulnerabilities to gain control over Nvidia’s AI inference server.
Day One Summary and Remaining Targets
On day one, contestants earned $260,000 by hacking Windows 11, Red Hat Enterprise Linux, and Oracle VirtualBox. That brought the two-day total to $695,000 in payouts for uncovering 20 unique zero-day vulnerabilities.
The final day will see further exploit attempts on:
- Windows 11
- VMware Workstation and ESXi
- Oracle VirtualBox
- Mozilla Firefox
- Nvidia Triton Inference Server and Container Toolkit
Though two Tesla targets — a 2025 Model Y and a 2024 Model 3 unit — were offered, no exploit attempts were submitted.
Disclosure Timeline and Vendor Response
Following the contest, vendors have 90 days to address the disclosed vulnerabilities before Trend Micro’s Zero Day Initiative publicly releases technical details.