Pwn2Own Berlin 2025: Master of Pwn

Pwn2Own is a computer hacking contest held annually by Trend Micro’s Zero Day Initiative - ZDI. Contestants are challenged to exploit widely used software and mobile devices with previously unknown vulnerabilities. Winners of the contest receive the device that they exploited and a cash prize. The total prize for each contest is up to millions of dollars.

The 2025 spring edition of Pwn2Own (Pwn2Own Berlin) was held from 15th May to 17th May 2025 in an on-site format where participants competed in-person.

Our researchers have managed to be 1st place overall, winning the Master of Pwn for the second time.

Chen Le Qi has successfully Pwned Windows 11 in the Local Escalation of Privilege Category.

Billy Jheng Bing-Jhong and Muhammad Alifa Ramdhan has successfully Pwned the Docker Desktop in the Cloud/Container category.

Nguyễn Hoàng Thạch has successfully Pwned the VMware ESXi in the Virtualization Category - a first in Pwn2Own history.

Gerrard Tai has successfully Pwned Red Hat Enterprise Linux in the Local Escalation of Privilege Category.

Đỗ Mạnh Dũng and Nguyễn Đăng Nguyên has successfully Pwned the VirtualBox with Windows kernel vulnerability addon in the Virtualization Category.

References

• ZDI blog: Pwn2Own Berlin 2025 announcement
• Twitter/X: @thezdi Master of Pwn
• Twitter/X: @thezdi Windows 11 LPE
• Twitter/X: @thezdi Docker Desktop
• Twitter/X: @thezdi VMware ESXi (historic first)
• Twitter/X: @thezdi Red Hat Enterprise Linux
• Twitter/X: @thezdi VirtualBox