ctipilot.ch

Pwn2Own Berlin 2026 (May 14–16) — 47 zero-days, $1,298,250 awarded; DEVCORE Exchange three-bug SYSTEM RCE chain, STARLabs ESXi escape, every AI agent target fell; Compass Security Swiss participation

incident · item:pwn2own-berlin-2026

  • Coverage timeline: 3 (first 2026-05-17 → last 2026-05-17)
  • Briefs: 1 (1 distinct)
  • Sources cited: 7 (6 hosts)
  • Sections touched: 3 (action_items, deep_dive, tldr)
  • Co-occurring entities: 2 (see Related entities below)
  • Appearances by date: 2026-05-17 · 3 appearances

Story timeline

  1. 2026-05-17 · CTI Daily Brief — 2026-05-17
     tldr: TL;DR bullet. Contest wrap-up summary.
  2. 2026-05-17 · CTI Daily Brief — 2026-05-17
     deep_dive: First coverage. Deep dive on contest outcomes: DEVCORE Exchange chain (90-day embargo), STARLabs ESXi escape, new AI Agents category — every target fell (Codex, Cursor, LM Studio, LiteLLM, NVIDIA Container Toolkit); capacity-overflow rejected-researcher PoC wave; Compass Security Swiss prize takings (Codex CWE-150 + Cursor).
  3. 2026-05-17 · CTI Daily Brief — 2026-05-17
     action_items: Action: inventory AI agent / inference deployments on developer endpoints; egress-restrict RFC-1918; require tool-plugin code signing; ensure EDR coverage of agent runtime processes.

Where this entity is cited

  • tldr (1)
  • deep_dive (1)
  • action_items (1)

Source distribution

  • thezdi.com: 2 (29%)
  • bleepingcomputer.com: 1 (14%)
  • msrc.microsoft.com: 1 (14%)
  • zerodayinitiative.com: 1 (14%)
  • cisa.gov: 1 (14%)
  • hackread.com: 1 (14%)

Related entities

Items in briefs about Pwn2Own Berlin 2026 (May 14–16) — 47 zero-days, $1,298,250 awarded; DEVCORE Exchange three-bug SYSTEM RCE chain, STARLabs ESXi escape, every AI agent target fell; Compass Security Swiss participation (1)

UPDATE: Exchange CVE-2026-42897 — Pwn2Own DEVCORE three-bug SYSTEM RCE chain emerges alongside active OWA-XSS exploitation

From CTI Daily Brief — 2026-05-17 · published 2026-05-17

UPDATE (originally covered 2026-05-15 and in the 2026-05-16 deep dive): DEVCORE's Orange Tsai chained three undisclosed Exchange Server bugs at Pwn2Own Berlin 2026 Day 2 to achieve unauthenticated remote code execution at SYSTEM privilege level, earning $200,000 (Zero Day Initiative, 2026-05-15; BleepingComputer, 2026-05-15). This chain is separate from the actively exploited CVE-2026-42897 (OWA stored XSS, no permanent patch; EEMS mitigation M2.1.x only) covered in the 2026-05-16 deep dive. ZDI verbatim: "Orange Tsai (DEVCORE Research Team) earned $200,000 after chaining three bugs to gain remote code execution with SYSTEM privileges on Microsoft Exchange."

The three bugs are under a 90-day Pwn2Own embargo: Microsoft must patch by approximately 2026-08-14, before ZDI publishes technical detail. Operationally, the compound risk for on-premises Exchange has materially worsened in 48 hours: one actively exploited XSS without a permanent patch (M2 mitigation only, with known OWA Calendar Print / inline-image side-effects), plus a fresh unauthenticated SYSTEM RCE bug class that defenders cannot patch pre-emptively. CVE-2026-42897 remains in CISA KEV (added 2026-05-15) with EEMS as the only listed mitigation; the Microsoft Exchange blog post addressing-exchange-server-may-2026-vulnerability-cve-2026-42897 linked from the MSRC advisory returns 502 on direct fetch, and the MSRC entry itself is the operational primary source (MSRC CVE-2026-42897).

Defender response shift for on-premises Exchange 2016/2019/SE: treat the platform as severely threatened. Verify that the EEMS service is enabled (Get-ExchangeDiagnosticInfo, with mitigation M2.1.x present in the applied list); restrict ECP/EWS/OWA reachability from the internet at the WAF or reverse proxy where business-feasible; accelerate any in-progress Exchange Online migration; and plan for both compromise paths, the OWA browser-context attack (CVE-2026-42897) and the direct service-account SYSTEM RCE chain (Pwn2Own DEVCORE), until Microsoft ships permanent fixes for both. Exchange Online tenants are not in scope for either.
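A PowerShell check for the EEMS verification step above, added here as an example and not taken from the brief, Microsoft or ZDI. It assumes an Exchange Management Shell session on the server, that $exscripts\Get-Mitigations.ps1 is present and prints the applied mitigation IDs as text, and that the M2.1. prefix cited in the brief is the ID to look for; confirm the exact ID against the MSRC entry.

```powershell
# Added example (not from the brief or from Microsoft). Run in the Exchange
# Management Shell on an on-premises Exchange 2016/2019/SE server.
# Checks: (1) EEMS enabled at organisation and server scope, (2) the
# MSExchangeMitigation Windows service is running, (3) an applied mitigation
# whose ID starts with the prefix from the brief (M2.1.) is listed.
# Assumption: applied mitigations are parsed from the text output of
# $exscripts\Get-Mitigations.ps1; adjust $MitigationPrefix to the exact ID.

param(
    [string]$Server = $env:COMPUTERNAME,
    [string]$MitigationPrefix = 'M2.1.'   # placeholder prefix cited in the brief
)

$findings = New-Object System.Collections.Generic.List[string]

# (1) EEMS must be enabled at both scopes; False at either scope disables it.
if (-not (Get-OrganizationConfig).MitigationsEnabled) {
    $findings.Add('EEMS disabled at organisation level (Get-OrganizationConfig MitigationsEnabled = False)')
}
if (-not (Get-ExchangeServer -Identity $Server).MitigationsEnabled) {
    $findings.Add("EEMS disabled on $Server (Get-ExchangeServer MitigationsEnabled = False)")
}

# (2) The service that fetches and applies mitigations must be running.
$svc = Get-Service -Name MSExchangeMitigation -ErrorAction SilentlyContinue
if ($null -eq $svc -or $svc.Status -ne 'Running') {
    $findings.Add("MSExchangeMitigation service is not running on $Server")
}

# (3) Look for the expected mitigation ID in the applied-mitigations report
#     (assumed to be printed by Get-Mitigations.ps1; IDs look like M1, M2.1.3).
$report  = & "$exscripts\Get-Mitigations.ps1" 2>&1 | Out-String
$applied = [regex]::Matches($report, 'M\d+(?:\.\d+)*') |
           ForEach-Object { $_.Value } | Sort-Object -Unique
if (-not ($applied | Where-Object { $_.StartsWith($MitigationPrefix) })) {
    $findings.Add("No applied mitigation with prefix $MitigationPrefix on $Server (applied: $($applied -join ', '))")
}

# Non-zero exit lets a scheduled task or monitoring job raise the alarm.
if ($findings.Count -eq 0) {
    Write-Output "OK: EEMS active on $Server, mitigation $MitigationPrefix* applied"
    exit 0
}
$findings | ForEach-Object { Write-Warning $_ }
exit 1
```

Run it on every on-premises Exchange server, not only the one hosting OWA, since EEMS state and applied mitigations are per server.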