Pwn2Own Berlin 2025 competition has so far awarded $695,000 for the discovery of critical vulnerabilities across major enterprise platforms. High-profile exploits include Dinh Ho Anh Khoa of Viettel Cyber Security’s $100,000-winning authentication bypass and insecure deserialization bug on Microsoft SharePoint. The inaugural AI security category has also seen successful exploits. Held over three days, the total prize money may exceed $1 million.
Windows Remote Desktop Gateway UAF Vulnerability Allows Remote Code Execution
Microsoft disclosed a critical vulnerability (CVE-2025-21297) in Remote Desktop Gateway that enables remote code execution due to a use-after-free bug. Discovered by VictorV, it affects
