The inaugural day of Pwn2Own Berlin 2025, hosted by the Zero Day Initiative (ZDI), showcased a series of groundbreaking exploits across various categories, including the debut of the Artificial Intelligence (AI) category. The event awarded a total of $260,000 to participating researchers, with STAR Labs leading the Master of Pwn standings after the first day.
AI Category
A significant highlight was the first-ever successful exploit in the AI category. Sina Kheirkhah of Summoning Team demonstrated an exploit against Chroma, earning $20,000 and 2 Master of Pwn points. This marks a pivotal moment in Pwn2Own history, reflecting the growing focus on AI system vulnerabilities.
Operating Systems
In the realm of operating systems, several notable exploits were demonstrated:
- Windows 11: Chen Le Qi of STAR Labs combined a use-after-free (UAF) vulnerability with an integer overflow to escalate privileges to SYSTEM level, securing $30,000 and 3 Master of Pwn points.
- Red Hat Linux: Pumpkin from DEVCORE Research Team utilized an integer overflow to achieve privilege escalation, earning $20,000 and 2 Master of Pwn points.
- Windows 11: Marcin Wiązowski employed an out-of-bounds write to escalate privileges to SYSTEM, receiving $30,000 and 3 Master of Pwn points.
- Windows 11: Hyeonjin Choi of Out Of Bounds used a type confusion bug to escalate privileges, earning $15,000 and 3 Master of Pwn points.
In the virtualization category, Team Prison Break (Best of the Best 13th) successfully exploited Oracle VirtualBox using an integer overflow, escaping the virtual environment to execute code on the host operating system. This achievement garnered them $40,000 and 4 Master of Pwn points.
Docker Desktop
Billy and Ramdhan of STAR Labs demonstrated a Docker Desktop escape by leveraging a use-after-free vulnerability in the Linux kernel, allowing them to execute code on the underlying operating system. This exploit earned them $60,000 and 6 Master of Pwn points.
Bug Collisions
The event also saw instances of bug collisions, where researchers independently discovered vulnerabilities already known to vendors:
- NVIDIA Triton Inference Server: Sina Kheirkhah's exploit was found to be based on a known but unpatched vulnerability, resulting in a reduced award of $15,000 and 1.5 Master of Pwn points.
- Red Hat Linux: Hyunwoo Kim and Wongi Lee of Theori successfully demonstrated an exploit involving an information leak and a use-after-free vulnerability. However, one of the bugs was previously known, leading to an award of $15,000 and 1.5 Master of Pwn points.
- NVIDIA Triton Inference Server: Viettel Cyber Security's exploit was also based on a known but unpatched vulnerability, earning them $15,000 and 1.5 Master of Pwn points.
Not all attempts were successful. The team from Wiz Research was unable to get their exploit of the NVIDIA Triton Inference Server working within the allotted time.
Conclusion
Day One of Pwn2Own Berlin 2025 highlighted the evolving landscape of cybersecurity threats, particularly with the introduction of the AI category. The event underscored the importance of proactive vulnerability research and the need for continuous improvement in security measures across various platforms. With STAR Labs leading the Master of Pwn standings, the competition remains intense as participants prepare for subsequent days of the event.
Source: Zero Day Initiative Zero Day Initiative — Pwn2Own Berlin 2025: Day One Results
