Full Report
The Pwn2Own Berlin 2025 hacking competition has concluded, with security researchers earning $1,078,750 after exploiting 29 zero-day vulnerabilities and encountering some bug collisions. [...]
Analysis Summary
The provided article discusses the results of the Pwn2Own Berlin 2025 hacking competition, where researchers earned significant bounties for demonstrating various zero-day vulnerabilities in major software products. While the article highlights multiple successful exploitation chains, it only provides specific CVE details for vulnerabilities found in **Mozilla Firefox** during this or a previous event.
## Vulnerability: Zero-Days Demonstrated at Pwn2Own Berlin 2025
### CVE Details
* **CVE ID:** CVE-2025-4918 (Related to Firefox)
    * **CVSS Score:** N/A (Score not provided in text)
    * **CWE:** N/A
* **CVE ID:** CVE-2025-4919 (Related to Firefox)
    * **CVSS Score:** N/A (Score not provided in text)
    * **CWE:** N/A
*(Note: CVEs were not provided for the exploited VMware ESXi, Windows 11, Oracle VirtualBox, or SharePoint vulnerabilities mentioned, only the general products targeted.)*
### Affected Systems
* **Products:** Mozilla Firefox, VMware ESXi, Windows 11, Oracle VirtualBox, Red Hat Enterprise Linux, Microsoft SharePoint.
* **Versions:**
    * Firefox versions prior to 138.0.4, ESR 128.10.1, ESR 115.23.1, and the older Android version.
    * Other products were successfully exploited, but specific vulnerable versions are not detailed.
* **Configurations:** Exploits varied per product (e.g., RCE on ESXi using integer overflow).
### Vulnerability Description
The article focuses on successful exploitation chains against several high-profile products during Pwn2Own Berlin 2025.
1. **VMware ESXi:** Exploited via an integer overflow.
2. **Microsoft SharePoint:** Exploited via a chain combining authentication bypass and insecure deserialization.
3. **Mozilla Firefox:** Two distinct zero-day bugs (CVE-2025-4918 and CVE-2025-4919) were demonstrated.
### Exploitation
* **Status:** **Exploited in the wild** (demonstrated live during the competition, which indicates real-world exploit potential; the specific CVEs mentioned were patched immediately after the demonstration).
* **Complexity:** Implied **Medium to High**, given the high bounties awarded and requirement of complex exploit chains (e.g., auth bypass + deserialization).
* **Attack Vector:** Likely **Network** or **Local** depending on the specific target (e.g., RCE on ESXi/SharePoint implies network access).
### Impact
* **Confidentiality:** High (Full system compromise likely possible in several scenarios, such as RCE on ESXi/VirtualBox host).
* **Integrity:** High (Ability to execute arbitrary code).
* **Availability:** High (Potential for denial of service or full system takeover).
### Remediation
#### Patches
* **Mozilla Firefox:** Patches released by Mozilla addressed CVE-2025-4918 and CVE-2025-4919 in the following versions:
    * Firefox 138.0.4
    * Firefox ESR 128.10.1
    * Firefox ESR 115.23.1
    * New Firefox for Android version.
*(Note: Patches for vulnerabilities in VMware ESXi, SharePoint, VirtualBox, and RHEL were implicitly released by the vendors following the competition deadlines, but specific patch versions/dates are not provided in this summary of the Pwn2Own results.)*
#### Workarounds
* No specific vendor-provided workarounds were detailed for the immediate patches.
### Detection
* The article does not provide specific Indicators of Compromise (IoCs) related to the newly demonstrated zero-days.
* Detection should focus on monitoring for known exploit techniques associated with remote code execution, authentication bypasses, and integer overflows targeting the affected products pending official vendor security advisories.
### References
* Vendor advisories for Mozilla regarding CVE-2025-4918 and CVE-2025-4919: `blog.mozilla.org/security/2025/05/17/firefox-security-response-to-pwn2own-2025/`
* Mozilla Advisory Page (for reference): `mozilla.org/en-US/security/advisories/mfsa2025-15/#CVE-2025-4918` and `mozilla.org/en-US/security/advisories/mfsa2025-15/#CVE-2025-4919`
* Past Firefox Vulnerabilities (Mentioned for context): `bleepingcomputer.com/news/security/mozilla-fixes-two-firefox-zero-day-bugs-exploited-at-pwn2own/`