Pierluigi Paganini
May 19, 2025
On the final day of Pwn2Own Berlin 2025, participants earned $383,750 for demonstrating zero-day in VMware Workstation, ESXi, Windows, NVIDIA, and Firefox.
During the competition, the participants earned a total of $1,078,750, demonstrating 28 unique 0-days in multiple products, including 7 in the AI category.
STAR Labs SG won “Master of Pwn” with $320K and 35 points.
Pwn2Own Berlin 2025 comes to a close. We awarded $1,078,750 for 28 unique 0-days. Congrats to @starlabs_sg for winning Master of Pwn with $320,000. Thanks to @offensive_con for hosting, and thanks to all who participated. Can't wait to see you next year! #Pwn2Own #P2OBerlin pic.twitter.com/gNJxhVjCiB
— Trend Zero Day Initiative (@thezdi) May 17, 2025
Corentin BAYET (@OnlyTheDuck) from @Reverse_Tactics exploited ESXi using two bugs; one overlapped with a prior entry, causing a COLLISION, however, his unique integer overflow earned him $112,500 and 11.5 points.
Thomas Bouzerar (@MajorTomSec) and Etienne Helluy-Lafont from Synacktiv exploited VMware Workstation with a heap-based buffer overflow, earning $80,000 and 8 Master of Pwn points.
Dung and Nguyen (@MochiNishimiya) from STARLabs exploited a TOCTOU race condition to escape the VM and an array index validation flaw for Windows privilege escalation, earning $70,000 and 9 points.
In the final Pwn2Own Berlin 2025 attempt, Miloš Ivanović (infosec.exchange/@ynwarcs) used a race condition to gain SYSTEM privileges on Windows 11, earning $15,000 and 3 Master of Pwn points.
The full list of hacking attempts made during day two is available here.
This is the time of the Pwn2Own at the OffensiveCon conference, and also the first time the competition includes an AI category.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Pwn2Own Berlin 2025)
