BURSTSecurity researchers uncovered critical zero-day vulnerabilities across major enterprise platforms during the second day of Pwn2Own Berlin 2025, earning a staggering $435,000 in bounties.
The competition, hosted at the OffensiveCon conference, witnessed successful exploits against VMware ESXi, Microsoft SharePoint, Mozilla Firefox, and Red Hat Enterprise Linux, demonstrating significant security gaps in widely used enterprise software.
In a historic achievement, Nguyen Hoang Thach of STARLabs SG executed the first-ever successful VMware ESXi exploit in Pwn2Own history. Using a single integer overflow vulnerability, Thach compromised the virtualization platform, earning $150,000 and 15 Master of Pwn points.
This high-impact vulnerability in ESXi is particularly concerning as the hypervisor is widely deployed in enterprise data centers worldwide.
Microsoft SharePoint proved equally vulnerable when Dinh Ho Anh Khoa of Viettel Cyber Security chained an authentication bypass with an insecure deserialization bug to gain unauthorized access. The exploit earned him $100,000 and 10 Master of Pwn points.
As a collaboration platform integrated with Microsoft 365 environments, this SharePoint vulnerability represents a significant risk to organizational data security.
Browser security was also compromised as Palo Alto Networks researchers Edouard Bochin and Tao Yan demonstrated an out-of-bounds write vulnerability in Mozilla Firefox, earning $50,000 and 5 Master of Pwn points. The browser exploit highlights ongoing risks in client-side software despite years of security hardening.
Red Hat Enterprise Linux fell to Gerrard Tai of STARLabs SG, who leveraged a use-after-free bug to escalate privileges, securing $10,000 and further consolidating STAR Labs’ commanding lead in the Master of Pwn standings.
The newly introduced AI category continued to attract successful exploits. Benny Isaacs, Nir Brakha, and Sagi Tzadik of Wiz Research exploited Redis using a use-after-free vulnerability, earning $40,000 and 4 Master of Pwn points.
Ho Xuan Ninh and Tri Dang from Qrious Secure also chained four distinct bugs to compromise NVIDIA’s Triton Inference Server, receiving $30,000 and 3 points.
“And that wraps up Day Two! We awarded $435,000, which brings the contest total to $695,000,” announced the Zero Day Initiative, which operates the competition. “With a third day still to come, there’s a very real chance we could reach the $1,000,000 threshold.”
The competition has revealed 20 unique zero-day vulnerabilities across two days, with STAR Labs establishing a seemingly insurmountable lead in the Master of Pwn rankings.
Oracle VirtualBox was also successfully exploited when Viettel Cyber Security demonstrated a guest-to-host escape using an out-of-bounds write vulnerability, earning $40,000.
Day Three of the competition will continue on Saturday, May 17, with remaining scheduled attempts targeting Windows 11, Oracle VirtualBox, VMware products, Mozilla Firefox, and NVIDIA systems.
All vulnerabilities demonstrated during the contest are responsibly disclosed to vendors, who have 90 days to release security fixes before publishing technical details.
This inaugural Berlin edition of Pwn2Own marks the competition’s first time including an AI category, reflecting growing concerns about security in emerging technologies.
Vulnerability Attack Simulation on How Hackers Rapidly Probe Websites for Entry Points – Free Webinar
The post VMware ESXi, Firefox, Red Hat Linux & SharePoint 0-Day Vulnerabilities Exploited – Pwn2Own Day 2 appeared first on Cyber Security News.