Researcher demonstrates ESXi guest-to-host escape

- Nguyen Hoang Thach of STARLabs SG demonstrated a VMware ESXi exploit at Pwn2Own Berlin on May 16, contest organizers and VMware said.
- The exploit earned $200,000 with the Cross-tenant Code Execution add-on, part of 47 zero-days that brought total Pwn2Own Berlin payouts to $1,298,250.
- Broadcom said it is working on a fix and plans a VMware Security Advisory; Pwn2Own rules give vendors 90 days.

Nguyen Hoang Thach of STARLabs SG demonstrated a successful exploit against VMware ESXi at Pwn2Own Berlin on May 16, according to contest organizer Zero Day Initiative and VMware owner Broadcom. The exploit was listed by Zero Day Initiative as a VMware ESXi entry with a “Cross-tenant Code Execution” add-on, a category that carries a higher payout because it shows code execution beyond a single guest boundary. Broadcom said the attempt was the only successful exploit against its products during the May 14-16 contest in Berlin. The contest ended with 47 unique zero-days and $1,298,250 in awards, according to Zero Day Initiative and Broadcom.

### Who carried out the ESXi exploit, and what did the contest say it achieved?

Zero Day Initiative said Nguyen Hoang Thach of STARLabs SG used a memory corruption bug to exploit VMware ESXi on May 16. The organizer awarded the entry $200,000 and 20 Master of Pwn points, and described it as a successful ESXi exploit with the Cross-tenant Code Execution add-on. (zerodayinitiative.com)

Broadcom identified the same researcher and said he “successfully demonstrated an exploit targeting VMware ESX.” The company did not publish technical details of the vulnerability in its initial post-contest statement.

### What does “guest-to-host” or “cross-tenant” mean in this case?

VMware ESXi is the hypervisor layer that runs virtual machines on a physical server. (zerodayinitiative.com) In Pwn2Own’s virtualization category, a successful “VMescape” demonstration means code execution crosses out of the guest environment and reaches the host-side ESX target, according to VMware’s pre-event description of the contest. (blogs.vmware.com)

Zero Day Initiative’s published result did not spell out a full exploit chain, but its “Cross-tenant Code Execution” label indicates the exploit went beyond a single virtual machine boundary in the contest’s scoring model. That is an inference from the contest terminology and payout category, not a public vendor advisory. (blogs.vmware.com)

### How unusual was this result inside the broader Pwn2Own event?

Pwn2Own Berlin 2026 ran from May 14 through May 16 alongside OffensiveCon in Berlin, VMware and Zero Day Initiative said before and after the event. Day Three alone pushed the contest to final totals of 47 unique zero-days and $1,298,250 in payouts, with DEVCORE winning Master of Pwn and STARLabs SG finishing second. (zerodayinitiative.com)

Day Three also included a failed ESXi attempt by Giuseppe Calì of Summoning Team before Thach’s successful run later in the round, according to Zero Day Initiative’s results page. Broadcom said after the event that it had witnessed one successful attempt on its products. (blogs.vmware.com)

### Why did the ESXi entry pay $200,000?

VMware said before the contest that a successful VMescape against ESX carried prize money of $150,000, with an additional $50,000 bonus available. Zero Day Initiative’s results show Thach received the full $200,000, matching that base award plus add-on structure.

The same VMware post said Broadcom’s product security team would be on site in Berlin to validate any ESX VMescape demonstrations. (zerodayinitiative.com) That setup is standard for Pwn2Own, where vendors observe live exploit sessions and receive the bug details privately after a valid demonstration. (blogs.vmware.com)

### What happens next for VMware customers?

Broadcom said on May 16 that it was “actively working on the remediation” and planned to publish a VMware Security Advisory with update information for affected products. The company thanked Zero Day Initiative and STARLabs SG for working with it on the reported issue.

Trend Micro’s Zero Day Initiative said after the contest that vendors receive 90 days to produce patches for contest-disclosed bugs. (blogs.vmware.com) Broadcom has not yet published the advisory referenced in its May 16 post, based on the material reviewed here. (newsroom.trendmicro.com)
