Pwn2Own Berlin 2026 produced four successful, independently discovered local privilege escalation (LPE) demonstrations on fully patched Windows 11 across the three competition days. Each demonstration used a distinct vulnerability class in a different Windows component, and each earned separate prize money — confirming that these are not variants of a single underlying issue but four genuinely different attack paths to SYSTEM privileges.
The total Windows 11 LPE count from Berlin 2026 makes Windows privilege escalation one of the most consistently exploitable target categories in competitive vulnerability research, a pattern that extends across multiple prior Pwn2Own events and reflects the scale and complexity of the Windows kernel attack surface.
The Four Distinct Vulnerability Classes
While full technical details will not be disclosed until patches are released (up to 90 days from the competition), the ZDI described the winning exploits at a class level during prize announcements:
Use-after-free in the Win32k kernel subsystem: The Win32k component, which handles the Windows GUI subsystem, has been a recurring source of LPE vulnerabilities across Windows versions. The use-after-free class — where code accesses memory after it has been freed and potentially reallocated — is one of the most reliable paths to kernel privilege escalation.
Race condition in a Windows kernel driver: Race conditions in kernel driver code produce intermittent exploitability that is often overlooked in code review but can be made reliable with appropriate timing techniques. This vulnerability class is particularly common in drivers managing shared hardware resources.
Integer overflow in a Windows component privilege boundary: Integer overflow vulnerabilities that cross a privilege boundary — typically when the kernel processes data supplied by a user-mode process — have been productive in Windows LPE research for over a decade. Each Windows update cycle addresses some, but the attack surface consistently produces new instances.
Type confusion in the Windows kernel object manager: Type confusion errors, where the kernel processes an object as a type it is not, produce arbitrary kernel read/write primitives that are highly reliable for privilege escalation. The object manager is a complex subsystem and a historically productive LPE research target.
Implications for Endpoint Security Architecture
Four distinct LPE paths on Windows 11 in a three-day competition have operational implications for how organisations defend Windows endpoints:
LPE is the standard second stage: Modern endpoint attacks rarely attempt direct SYSTEM-level initial access. Instead, they achieve initial execution at user privilege — via phishing, browser exploitation, or a malicious document — and then use an LPE to escalate to SYSTEM for credential dumping, persistence, and lateral movement. The consistent availability of Windows LPE bugs means that any initial access capability can be reliably elevated to SYSTEM on unpatched systems.
Patch velocity matters more than endpoint configuration: Organisations sometimes focus endpoint security investment on configuration hardening — disabling features, restricting scripting, applying CIS benchmarks — as a substitute for rapid patching. Configuration hardening reduces attack surface but does not address kernel LPE vulnerabilities, which bypass most user-mode controls by definition. The Windows 11 LPE results reinforce that patch velocity on the underlying OS is a non-negotiable security baseline.
Kernel exploit mitigations have raised the bar but not closed the gap: Windows 11 introduced and improved several kernel exploit mitigations: Kernel Data Protection (KDP), Control Flow Guard (CFG), Arbitrary Code Guard (ACG), and hypervisor-protected code integrity (HVCI). These mitigations make exploitation harder and eliminate entire classes of older techniques. Yet four LPE paths were still demonstrated on a fully patched, presumably HVCI-enabled Windows 11 system. Mitigations are valuable; they are not a guarantee.
Operational Recommendation
Review your Windows patch deployment pipeline for client endpoints and servers. Each of the four LPE paths demonstrated at Pwn2Own Berlin will receive a CVE and a patch within 90 days. When those patches arrive, the window between patch release and active exploitation in the wild can be as short as 24–48 hours for Windows LPE bugs that are known to the community. A patch deployment cycle measured in weeks is inadequate for this threat model.
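The two points above (whether HVCI is actually running on a given endpoint, and how stale its last installed update is) can both be checked from an inventory script. The following is an added example, not code from the original article or from ZDI; it assumes an elevated PowerShell 5.1 or later session on Windows 10/11, and the 7-day staleness threshold is an illustrative value chosen here, not a vendor figure.

```powershell
# Added example: report the enforced VBS/HVCI state and the age of the newest
# installed update, so a fleet query can flag endpoints where "presumably
# HVCI-enabled" is not actually true or where patch velocity has slipped.
# Assumption: $MaxPatchAgeDays is an illustrative threshold, adjust to policy.
$MaxPatchAgeDays = 7

# Win32_DeviceGuard reports what the platform is enforcing, not just what
# Group Policy requested.
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                      -ClassName Win32_DeviceGuard

$vbsState = switch ($dg.VirtualizationBasedSecurityStatus) {
    0       { 'not enabled' }
    1       { 'enabled but not running' }
    2       { 'running' }
    default { "unknown ($_)" }
}
# SecurityServices* arrays: 1 = Credential Guard, 2 = HVCI (memory integrity)
$hvciConfigured = $dg.SecurityServicesConfigured -contains 2
$hvciRunning    = $dg.SecurityServicesRunning    -contains 2

# Get-HotFix reads Win32_QuickFixEngineering; some entries have no
# InstalledOn date, so filter those out before picking the newest.
$latest = Get-HotFix |
    Where-Object { $_.InstalledOn } |
    Sort-Object InstalledOn -Descending |
    Select-Object -First 1
$patchAge = if ($latest) {
    (New-TimeSpan -Start $latest.InstalledOn -End (Get-Date)).Days
} else { $null }

[pscustomobject]@{
    ComputerName    = $env:COMPUTERNAME
    VBSState        = $vbsState
    HVCIConfigured  = $hvciConfigured
    HVCIRunning     = $hvciRunning
    LatestHotFixID  = $latest.HotFixID
    LatestInstalled = $latest.InstalledOn
    PatchAgeDays    = $patchAge
    PatchStale      = ($null -eq $patchAge) -or ($patchAge -gt $MaxPatchAgeDays)
    # Configured-but-not-running usually means a firmware or driver
    # compatibility block that needs investigating, not a policy gap.
    HVCIMismatch    = $hvciConfigured -and -not $hvciRunning
} | Format-List
```

Run it through your endpoint management tool or Invoke-Command across a sample of hosts; any endpoint with HVCIRunning false or PatchStale true is one where a kernel LPE of the classes listed above has the most room to succeed.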