CVE-2023-20869/20870: Exploiting VMware Workstation at Pwn2Own Vancouver

This post covers an exploit chain demonstrated by Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) of STAR Labs SG Pte. Ltd. during the Pwn2Own Vancouver event in 2023. During the contest, he used an uninitialized variable bug and a stack-based buffer overflow in VMware to escalate from a guest OS to execute code on the underlying hypervisor. His successful demonstration earned him $80,000 and 8 points towards Master of Pwn. All Pwn2Own entries are accompanied by a full whitepaper describing …

blog post buffer buffer overflow bug code contest cve event exploit exploiting labs overflow pwn2own vancouver variable vmware vmware workstation workstation