At the competition held in China (analogous to Pwn2Own for Chinese security researchers) demonstrated two successful hacks and one hack in the Ubuntu environment, which allowed you to exit the isolated environment and execute code on the host side. The hacks were performed using 0-day vulnerabilities that have not yet been patched. In addition, the competition successfully exploited new vulnerabilities in Edge, Safari, Office 365, Adobe PDF Reader, VMWare Workstation, and the D-Link DIR-878 wireless router.
During the two days of the competition, 28 attempts were made to demonstrate hacks using 0-day vulnerabilities, of which 20 were successful. The most successful group was 360Vulcan, which earned 382 thousand dollars during the days of the competition, of which 200 thousand dollars were paid for the VMWare exploit, and 80 thousand dollars for the QEMU attack in the Ubuntu environment. The Tianfu Cup competition was organized after the Chinese government banned Chinese security researchers from participating in international software hacking competitions like Pwn2Own last year.
Source: opennet.ru