Introduction
The cybersecurity community was electrified by the revelations at Pwn2Own Berlin 2025, a high-profile hacking competition organized by Trend Micro's Zero Day Initiative (ZDI) and hosted at OffensiveCon Berlin from May 15-17, 2025. This event spotlighted critical zero-day vulnerabilities in key enterprise platforms including Windows 11, Red Hat Enterprise Linux, virtualization software such as Oracle VirtualBox and Docker Desktop, and even emerging AI systems. The competition distributed over $1 million in rewards, with $260,000 awarded on the very first day alone, underlining the value and urgency of public vulnerability research and responsible disclosure.
Background: Pwn2Own’s Role in Cybersecurity
Pwn2Own has long served as a premier proving ground where elite security researchers demonstrate sophisticated exploit techniques against widely used software under controlled conditions. Unlike traditional hacking exploits in the wild, the competition encourages responsible disclosure by ensuring vulnerabilities are reported to vendors before public disclosure, allowing for timely patches. The 2025 Berlin edition expanded its scope to include enterprise infrastructure and introduced an Artificial Intelligence category for the first time, reflecting evolving cyber threat landscapes.
Key Findings and Technical Insights
Windows 11: A Triple Blow
Microsoft’s flagship OS, Windows 11, touted for its hardware-based security features and kernel integrity protections, was compromised by three separate exploit chains:
- Chen Le Qi (STARLabs SG): Leveraged a complex exploit chain combining a Use-After-Free (UAF) vulnerability with an Integer Overflow to escalate privileges to SYSTEM level. This attack highlights how chaining memory corruption bugs can bypass existing mitigations.
- Marcin Wiązowski: Demonstrated an Out-of-Bounds Write vulnerability, a bug type where memory is corrupted outside its allocated boundary, allowing privilege escalation.
- Hyeonjin Choi (Out Of Bounds): Used a Type Confusion vulnerability to achieve privilege escalation, illustrating persistent challenges in memory safety.
The common thread through these attacks is the exploitation of memory safety flaws, which remain notoriously difficult to eradicate even in hardened environments. Full technical details remain guarded pending vendor analysis and patching efforts.
Red Hat Enterprise Linux: Root Access via Integer Overflow and Use-After-Free
At the competition, Red Hat Enterprise Linux was breached by:
- An integer overflow flaw that permitted privilege escalation from user to root.
- A chained attack combining a Use-After-Free bug with an information leak, allowing similar privilege escalation.
These findings are a reminder that even open-source, widely audited platforms require rigorous patching and security vigilance to prevent “low complexity” bugs from becoming high-impact exploits.
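The Windows and Red Hat entries above both turn on integer overflows that feed an out-of-bounds write. The following C program is an added illustration of that bug class and its fix, not code from Pwn2Own, from any of the named researchers, or from either vendor: the record type, the function names and the 1 MiB cap are all constructed for the example. The unchecked version only computes the wrapped size and never touches memory; the hardened version rejects the size before it reaches the allocator, which is the check a code reviewer would look for at every count * element-size computation on untrusted input.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed record type for this example: 32 bytes, no padding. */
typedef struct {
    uint32_t id;
    char name[28];
} record_t;

/* Unchecked size computation: the arithmetic behind many integer-overflow
 * bugs. The product is done in 32 bits, so a large count wraps to a tiny
 * number; an allocator given that number returns a small buffer, and the
 * copy loop that follows writes past its end (the out-of-bounds write).
 * This function only computes the number and never touches memory. */
uint32_t unchecked_alloc_size(uint32_t count)
{
    return count * (uint32_t)sizeof(record_t); /* wraps silently on overflow */
}

/* Hardened version: reject the overflow before the size reaches malloc.
 * Returns the byte count, or 0 if count is zero, the product would overflow
 * size_t, or the result exceeds max_bytes (a sanity cap for untrusted input). */
size_t checked_alloc_size(size_t count, size_t max_bytes)
{
    if (count == 0)
        return 0;
    if (count > SIZE_MAX / sizeof(record_t)) /* portable overflow test */
        return 0;
    size_t bytes = count * sizeof(record_t);
    return bytes > max_bytes ? 0 : bytes;
}

/* Copy `count` records from an untrusted source into a fresh buffer.
 * Returns the buffer (caller frees) or NULL when the size is rejected. */
record_t *copy_records_checked(const record_t *src, size_t count)
{
    size_t bytes = checked_alloc_size(count, (size_t)1 << 20); /* 1 MiB cap, constructed */
    if (bytes == 0 || src == NULL)
        return NULL;
    record_t *dst = malloc(bytes);
    if (dst == NULL)
        return NULL;
    memcpy(dst, src, bytes); /* bytes == count * sizeof(record_t), validated above */
    return dst;
}

/* Self-check with constructed input; returns 1 when the copy is intact. */
int demo_copy(void)
{
    record_t src[3] = { {1, "alpha"}, {2, "beta"}, {3, "gamma"} };
    record_t *dst = copy_records_checked(src, 3);
    if (dst == NULL)
        return 0;
    int ok = (dst[0].id == 1 && dst[2].id == 3 && strcmp(dst[1].name, "beta") == 0);
    free(dst);
    return ok;
}

int main(void)
{
    uint32_t bad = 0x08000001u; /* 134217729 records: count * 32 == 2^32 + 32 */
    printf("unchecked size for %u records: %u bytes (wrapped)\n",
           bad, unchecked_alloc_size(bad));
    printf("checked size for the same count: %zu (0 = rejected)\n",
           checked_alloc_size(bad, (size_t)1 << 20));
    printf("copy of 3 constructed records intact: %s\n", demo_copy() ? "yes" : "no");
    return 0;
}
```

The divide-before-multiply test (`count > SIZE_MAX / sizeof(record_t)`) is portable C; compilers that offer `__builtin_mul_overflow` can use it instead, and sanitizer builds (`-fsanitize=unsigned-integer-overflow` in Clang) will flag the unchecked computation at test time, which is the cheapest place to catch this class of bug before a competition does.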
Breaking Virtualization and Container Barriers
- Oracle VirtualBox: Team Prison Break exploited an integer overflow to escape the virtual environment and execute code on the host OS, demonstrating that sandboxing mechanisms are not infallible.
- Docker Desktop: Researchers from STAR Labs used a Use-After-Free bug in the Linux kernel to escape container isolation and gain control of the host OS, a particularly alarming finding given the widespread adoption of containers in DevOps.
AI Security Breakthrough
For the first time, the AI category saw a confirmed exploit: Sina Kheirkhah of the Summoning Team successfully compromised Chroma, an AI software product. This breakthrough highlights the increasing attack surface as artificial intelligence tools become integral to enterprise infrastructure.
Implications and Impact
The Pwn2Own Berlin 2025 results underscore that despite advances in defensive technologies—such as hardware-enforced stack protection, virtualization-based security, and kernel-mode code integrity—critical vulnerabilities remain in leading enterprise OSes and infrastructure software.
- For Enterprises: These findings stress the urgency of maintaining disciplined patch management and investing in endpoint detection tools that can recognize post-exploitation behaviors.
- For Vendors: The event drives the imperative to accelerate vulnerability remediation cycles and advance architectural defenses, potentially shifting toward memory-safe programming languages and stronger sandboxing mechanisms.
- For the AI Field: The exploitation of AI software signals a new frontier for cybersecurity research, necessitating dedicated efforts to secure AI workflows and models.
Best Practices and Future Outlook
Organizations should:
- Enforce rapid and comprehensive patch application policies.
- Employ defense-in-depth strategies including sandboxing, privilege restriction, and behavior-based detection.
- Foster security awareness and continuous training for administrators and developers.
Meanwhile, vendors and researchers must cooperate to shorten patch windows and continue pioneering defenses against increasingly sophisticated exploit chains.
Conclusion
Pwn2Own Berlin 2025 has reaffirmed the evolving arms race between attackers and defenders, revealing how critical enterprise systems can still be compromised despite modern security measures. The competition's responsible disclosure approach not only mitigates immediate risks but also propels the cybersecurity community toward more resilient architectures in a hyperconnected, AI-driven world.