Hackers Exploited 73 0-Day Vulnerabilities and Earned $1,024,750

Posted on October 24, 2025 By CWS

The hacking community celebrated the end of Pwn2Own Ireland 2025. Researchers demonstrated their skills by identifying 73 unique zero-day vulnerabilities across different devices.

The event, hosted by the Zero Day Initiative (ZDI), distributed a staggering $1,024,750 in prizes, highlighting the growing sophistication of cybersecurity threats and defenses.

Over three days, 56 bugs were rewarded before the final stretch, with competitors pushing the boundaries on smart home gadgets, printers, and mobile devices.

This year’s contest rewarded innovation and encouraged collaboration among vendors. Companies like Meta, Synology, and QNAP supported the event.

The final day kicked off with high anticipation, as 17 attempts remained. Teams tackled everything from network-attached storage to surveillance cameras, often chaining multiple vulnerabilities for maximum impact.

$1,024,750 – 73 unique bugs – a week of amazing research on display. #Pwn2Own Ireland had it all. Success. Failure. Intrigue. You name it. Congratulations to the Master of Pwn winners @SummoningTeam! Their outstanding work earned them $187,500 and 22 points. See you in Tokyo for… pic.twitter.com/Vxd5b0yJ55 — Trend Zero Day Initiative (@thezdi) October 24, 2025

Standout performances included creative demos, such as loading the classic game Doom onto a compromised printer’s LCD screen, a nod to hackers’ flair for the dramatic.

Standout Wins And Creative Hacks Steal The Show

Chris Anastasio of Team Cluck earned $20,000 and 2 Master of Pwn points by exploiting a type confusion vulnerability in the Lexmark CX532adwe printer, granting full control over the device.

Confirmed! Chris Anastasio of Team Cluck used a single type confusion bug to exploit the Lexmark CX532adwe printer. He earns himself $20,000 and 2 Master of Pwn points. #Pwn2Own pic.twitter.com/ZsvnexVhQo — Trend Zero Day Initiative (@thezdi) October 23, 2025

Ben R. and Georgi G. from Interrupt Labs earned $50,000 for finding a flaw in the Samsung Galaxy S25. This flaw allowed the camera and location tracking to activate without the user’s consent. This serves as a reminder of the privacy risks in modern smartphones.

Another big confirmation! Ben R. and Georgi G. of Interrupt Labs used an improper input validation bug to take over the Samsung Galaxy S25 – enabling the camera and location tracking in the process. They earn $50,000 and 5 Master of Pwn points. #Pwn2Own pic.twitter.com/oNhdefPR7k — Trend Zero Day Initiative (@thezdi) October 23, 2025

In the smart home arena, Xilokar combined four bugs, including an authentication bypass and underflow, to pwn the Philips Hue Bridge, securing $17,500 despite a partial collision with prior entries.

Similarly, Sina Kheirkhah of the Summoning Team used hard-coded credentials and an injection attack to take over a QNAP TS-453E NAS device, walking away with $20,000 and 4 points.

David Berard from Synacktiv impressed with a dual-bug attack on the Ubiquiti AI Pro surveillance camera, complete with a playful “Baby Shark” tune on the hacked system, earning $30,000 and 3 points.

🎥 Eyes wide shut! David Berard of @Synacktiv just breached the @Ubiquiti AI Pro surveillance system at #Pwn2Own. He also serenaded us with a round of “Baby Shark” played by the speaker. He’s off to the disclosure room with an ear worm and the details. — Trend Zero Day Initiative (@thezdi) October 23, 2025

Namnp from Viettel Cyber Security chained a crypto bypass and heap overflow to exploit another Philips Hue Bridge, boosting their Master of Pwn score into the top 5 with $20,000.

Interrupt Labs also shone in the printer category, using path traversal and untrusted search path bugs on the Lexmark CX532adwe for a reverse shell and that unforgettable Doom demo, claiming $10,000.

Collisions tempered some victories; for instance, Team Viettel’s heap-based buffer overflow on the Lexmark was unique but paired with a duplicate, still yielding $7,500.

The Thalium team from Thales Group faced similar hurdles on the Philips Hue Bridge, earning $13,500 for their novel heap overflow amid repeats.

Challenges, Withdrawals, And The Master Of Pwn Crown

Not every attempt succeeded. Daniel Frederic and Julien Cohen-Scali from Fuzzinglabs failed to fully exploit a QNAP TS-453E within the time limit, as did Frisk and Opcode from Inequation Group on the Meta Quest 3S VR headset. They achieved a denial-of-service, but fell short of code execution.

Withdrawals included CyCraft Technology’s Amazon Smart Plug attempt and Team Z3’s WhatsApp entry, reflecting the high stakes and preparation involved.

In the end, the Summoning Team clinched the Master of Pwn title, amassing points through multiple category wins that showcased their preparation.

Their victories, including Kheirkhah’s QNAP hack, underscored the value of diverse skills in vulnerability research. ZDI praised all participants for advancing security, noting the event’s role in responsibly disclosing flaws to vendors.

Summary of Vulnerabilities Exploited

| Researcher/Team | Target Device | Vulnerabilities Exploited | Prize | Master of Pwn Points | Notes |
|---|---|---|---|---|---|
| Xilokar (@Xilokar) | Philips Hue Bridge | Authentication bypass, underflow (plus two others) | $17,500 | 3.5 | Partial collision |
| Chris Anastasio (Team Cluck) | Lexmark CX532adwe Printer | Type confusion | $20,000 | 2 | Full success |
| Ben R. and Georgi G. (Interrupt Labs) | Samsung Galaxy S25 | Improper input validation | $50,000 | 5 | Enabled camera and location tracking |
| Yannik Marchand (kinnay) | Philips Hue Bridge | Incorrect Implementation of Authentication Algorithm (plus two others) | $13,500 | 2.75 | Partial collision |
| David Berard (Synacktiv) | Ubiquiti AI Pro (Surveillance) | Pair of bugs (unspecified) | $30,000 | 3 | Included “Baby Shark” demo |
| Sina Kheirkhah (@SinSinology, Summoning Team) | QNAP TS-453E | Hard-coded credentials, injection | $20,000 | 4 | Full success |
| Team Viettel | Lexmark CX532adwe Printer | Heap-based buffer overflow (plus one other) | $7,500 | 1.5 | Partial collision |
| Team @Neodyme | Canon imageCLASS MF654Cdw | Integer overflow | $10,000 | 2 | Full success |
| Interrupt Labs | Lexmark CX532adwe Printer | Path traversal, untrusted search path | $10,000 | 2 | Reverse shell and Doom demo |
| Thalium Team (Thales Group) | Philips Hue Bridge | Heap-based buffer overflow (plus two others) | $13,500 | 2.75 | Partial collision |
| namnp (Viettel Cyber Security) | Philips Hue Bridge | Crypto bypass, heap overflow | $20,000 | 4 | Full success |

Looking ahead, the next challenge awaits at Pwn2Own Automotive in Tokyo from January 21-23, 2026, expanding to include EV chargers and more.

Hackers are discovering new vulnerabilities all the time. Events like this are crucial for strengthening digital security around the world.
