Welcome to the second day of our first-ever Pwn2Own Berlin. Yesterday, we awarded $260,000 for some amazing research. Today looks to be even better, with more AI on the line, plus SharePoint and VMware ESXi. As always, we’ll be updating this blog with results as we have them.
COLLISION - Mohand Acherir & Patrick Ventuzelo (@pat_ventuzelo) of FuzzingLabs (@fuzzinglabs) exploited #NVIDIA Triton, but the exploit they used was already known to the vendor (though unpatched). They still earn $15,000 and 1.5 Master of Pwn points.
SUCCESS - Dinh Ho Anh Khoa of Viettel Cyber Security combined an auth bypass and an insecure deserialization bug to exploit Microsoft SharePoint. He earns $100,000 and 10 Master of Pwn points.
SUCCESS - Nguyen Hoang Thach of STAR Labs SG used a single integer overflow to exploit #VMware ESXi - a first in Pwn2Own history. He earns $150,000 and 15 Master of Pwn points.
SUCCESS - Edouard Bochin (@le_douds) and Tao Yan (@Ga1ois) from Palo Alto Networks used an Out-of-Bounds Write to exploit Mozilla Firefox. They earn $50,000 and 5 Master of Pwn points.
SUCCESS - The second full win in the AI category goes to Benny Isaacs (@benny_isaacs), Nir Brakha, and Sagi Tzadik (@sagitz_) of Wiz Research as they leveraged a UAF to exploit Redis. They earn $40,000 and 4 Master of Pwn points.
FAILURE - Unfortunately, Sina Kheirkhah of Summoning Team could not get his exploit of SharePoint working within the time allotted.
SUCCESS - In the first full win against the NVIDIA Triton Inference server, Ho Xuan Ninh (@Xuanninh1412) and Tri Dang (@trichimtrich) from Qrious Secure used a four-bug chain to exploit #NVIDIA Triton. Their unique work earns them $30,000 and 3 Master of Pwn points.
SUCCESS - Viettel Cyber Security (@vcslab) used an OOB Write for their Guest-to-Host escape on Oracle VirtualBox. They earn themselves $40,000 and 4 Master of Pwn points.
SUCCESS - Gerrard Tai of STAR Labs SG Pte. Ltd used a Use-After-Free bug to escalate privileges on Red Hat Enterprise Linux. His third-round win earns him $10,000 and 2 Master of Pwn points.