VMware Security Response Center Misc

VMware and Pwn2Own Vancouver 2022

Update May 20, 2022

The 2022 Pwn2Own contest has wrapped up and we are excited to have witnessed many attempts made across targets throughout the week. Despite there being some interest in vSphere ESXi and Workstation, no registrants were scheduled as the deadline arrived for researchers. We would like to thank ZDI for bringing back a hybrid attendance model and celebrating their 15th anniversary of the contest.

Details of the contest outcomes and overall leaderboard can be viewed here.

Original Post

Greetings from VMware Security Response Center!!

We’re excited to share that VMware will be part of the 2022 Pwn2Own Contest on May 18th-20th 2022 in Vancouver, Canada. Unlike last year/recent years, where we participated from our home offices, we get the opportunity to return in-person to validate any demonstrations of a VMescape.

We will have two of our Hypervisors, VMware ESXi – Type 1 and VMware Workstation – Type 2 as targets in the virtualization category with prize money of $150,000 and $75,000 respectively.

Hacking contests like this, give us a great opportunity to meet with highly skilled security researchers and understand their approach of finding issues in our products. Ultimately, this is an excellent collaborative approach to securing our products. VMware takes its commitment to product security seriously, and contests are just one part of our continuous rigor of lifecycle management, security testing and response readiness.

We would like to thank Zero Day Initiative (ZDI) for allowing us to participate and return in-person to the upcoming event. We always look for ways to support & engage with security community and have been sponsoring the event since 2018.

Stay tuned! This post will be updated with more information as they become available.

If you would like to be kept informed on VMware Security Advisories (VMSAs) please sign up here for new and updated information.