Pwn2Own 2025: WhatsApp Exploit Withdrawal and Low-Risk Vulnerabilities Disclosed

First reported

25.10.2025 14:36

Last updated

1 unique sources, 1 articles

Summary

Hide ▲

A researcher planned to demonstrate a $1 million zero-click remote code execution exploit against WhatsApp at the Pwn2Own hacking contest. The demonstration did not occur, and the researcher withdrew from the competition. The researcher disclosed two low-risk vulnerabilities to Meta, which are being reviewed by WhatsApp. The exploit's technical viability remains unclear. The researcher, Eugene (3ugen3) from Team Z3, cited concerns about the exploit's readiness for public demonstration. The vulnerabilities disclosed are not useful for achieving arbitrary code execution. The researcher's identity and specific details about the vulnerabilities remain confidential.

Timeline

25.10.2025 14:36 1 articles · 1d ago

Pwn2Own 2025: WhatsApp Exploit Withdrawal and Low-Risk Vulnerabilities Disclosed
A researcher planned to demonstrate a $1 million zero-click remote code execution exploit against WhatsApp at Pwn2Own 2025. The demonstration did not occur, and the researcher withdrew from the competition. The researcher disclosed two low-risk vulnerabilities to Meta, which are being reviewed by WhatsApp. The exploit's technical viability remains unclear. The researcher, Eugene (3ugen3) from Team Z3, cited concerns about the exploit's readiness for public demonstration. The vulnerabilities disclosed are not useful for achieving arbitrary code execution. The researcher's identity and specific details about the vulnerabilities remain confidential.
Show sources

$1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal — www.securityweek.com — 25.10.2025 14:36
Open in new tab

Information Snippets

A researcher planned to demonstrate a $1 million zero-click remote code execution exploit against WhatsApp at Pwn2Own 2025.
First reported: 25.10.2025 14:36

1 source, 1 article
Show sources
- $1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal — www.securityweek.com — 25.10.2025 14:36
The researcher withdrew from the competition due to concerns about the exploit's readiness.
First reported: 25.10.2025 14:36

1 source, 1 article
Show sources
- $1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal — www.securityweek.com — 25.10.2025 14:36
The researcher disclosed two low-risk vulnerabilities to Meta, which are being reviewed by WhatsApp.
First reported: 25.10.2025 14:36

1 source, 1 article
Show sources
- $1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal — www.securityweek.com — 25.10.2025 14:36
The vulnerabilities disclosed are not useful for achieving arbitrary code execution.
First reported: 25.10.2025 14:36

1 source, 1 article
Show sources
- $1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal — www.securityweek.com — 25.10.2025 14:36
The researcher's identity and specific details about the vulnerabilities remain confidential.
First reported: 25.10.2025 14:36

1 source, 1 article
Show sources
- $1M WhatsApp Hack Flops: Only Low-Risk Bugs Disclosed to Meta After Pwn2Own Withdrawal — www.securityweek.com — 25.10.2025 14:36