Welcome to the first day of Pwn2Own Berlin 2025! We have 11 different attempts, including our first ever AI attempts. We’ll be updating this blog with results as we have them.
And that bring Day One of #Pwn2Own Berlin to a close. We awarded $260,000 today, but more great research is yet to come. STAR Labs has an early lead on Master of Pwn, but it's anyone's game at this point. Stay tuned for more results as we go.
SUCCESS - Pumpkin (@u1f383) from DEVCORE Research Team used an integer overflow to escalate privs on Red Hat Linux. He earns $20,000 and 2 Master of Pwn points.
Going from user land to root.
COLLISION - We have a bug collision. Although Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) successfully demonstrated his exploit of #NVIDIA Triton, the bug he used was known by the vendor (but not patched). He still earns $15K and 1.5 Master of Pwn points.
SUCCESS - Chen Le Qi (@cplearns2h4ck) of STARLabs SG combined a UAF and an integer overflow to escalate to SYSTEM on #Windows 11. He earns $30,000 and 3 Master of Pwn points.
FAILURE - Unfortunately, the team from Wiz Research could not get their exploit of the NVIDIA Triton Inference working within the time allotted.
COLLISION - Hyunwoo Kim (@V4bel) and Wongi Lee (@_qwerty_po) of Theori were able to escalate to root on Red Hat Linux with an info leak and a UAF, but one of the bugs used was an N-day. They still win $15,000 and 1.5 Master of Pwn points.
SUCCESS - The first ever winner of the AI category in Pwn2Own history is Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam). His successful exploitation of Chroma earns him $20,000 and 2 Master of Pwn points.
SUCCESS - In a surprise to no one, Marcin Wiązowski's privilege escalation on Windows 11 is confirmed! He used an Out-of-Bounds Write to escalate to SYSTEM. His work earns him $30,000 and 3 Master of Pwn points.
SUCCESS - Their enthusiasm was rewarded as Team Prison Break (Best of the Best 13th) used an integer overflow to escape Oracle VirtualBox and execute code on the underlying OS. They earn $40,000 and 4 Master of Pwn points.
COLLISION - We have another collision - Viettel Cyber Security (@vcslab) targeting NVIDIA Triton Inference Server successfully demonstrated their exploit - however it was known to the vendor, but not yet patched. They still earn $15000 and 1.5 Master of Pwn Points
SUCCESS - Hyeonjin Choi (@d4m0n_8) of Out Of Bounds earns $15,000 for a third round win and 3 Master of Pwn Points by successfully using a type confusion bug to escalate privileges in #Windows11 #Pwn2Own #P2OBerlin
SUCCESS - Nicely done! Billy and Ramdhan of STAR Labs used a UAF in the Linux kernel to perform their Docker Desktop escape and execute code on the underlying OS. They earn $60,000 and 6 Master of Pwn Points.
