{"id":130868,"date":"2022-12-28T11:15:00","date_gmt":"2022-12-28T11:15:00","guid":{"rendered":"https:\/\/www.nintendolife.com\/#article-143045"},"modified":"2022-12-28T11:15:00","modified_gmt":"2022-12-28T11:15:00","slug":"nintendo-has-been-patching-a-severe-vulnerability-found-in-some-online-switch-3ds-and-wii-u-games","status":"publish","type":"post","link":"https:\/\/sickgaming.net\/blog\/2022\/12\/28\/nintendo-has-been-patching-a-severe-vulnerability-found-in-some-online-switch-3ds-and-wii-u-games\/","title":{"rendered":"Nintendo Has Been Patching A “Severe” Vulnerability Found In Some Online Switch, 3DS, And Wii U Games"},"content":{"rendered":"
<\/a><\/div>\n
\"Switch\"<\/a>
Image: Damien McFerran \/ Nintendo Life<\/em><\/figcaption><\/figure>\n

A severe vulnerability affecting several Nintendo consoles was found recently, with the potential to allow unauthorised access to Switch, 3DS, and Wii U via a host of online games. It’s reported that for some time Nintendo has been working to patch games to eliminate the exploit known as ‘ENLBufferPwn’, with several updates already live to address the situation (thanks, Nintendo Everything<\/a>).<\/p>\n

The vulnerability, which has been categorised as ‘Critical’ on the Common Vulnerability Scoring System (CVSS)<\/a> and detailed in full on GitHub<\/a> by PabloMK7<\/a>, Rambo6Glaz<\/a>, and Fishguy6564<\/a>, reportedly exposes a victim’s device to complete remote control by simply playing an online game with a potential attacker. This means that attackers may gain access to sensitive information or take audio and video recordings by remotely executing code.<\/p>\n

The vulnerability was reported to Nintendo in “2021\/2022” by @Pablomf6<\/a> \u2014 who says they received a $1000 “bounty” via Nintendo’s HackerOne<\/a> program \u2014 and it is now understood that the company has taken action to fix the issue in some of the affected games, including Mario Kart 7<\/a>, which was recently updated after more than a decade<\/a>.<\/p>\n

It seems most high-profile Switch titles have already been fixed, but it looks like Mario Kart 8<\/a> and Splatoon<\/a> on Wii U have yet to be addressed and may still be affected by the vulnerability.<\/p>\n

Here’s a list of affected titles, as per the GitHub page<\/a>:<\/p>\n

It’s speculated that other games may also be affected by the vulnerability, although that’s unconfirmed at present.<\/p>\n

For a look at the exploit in action, take a peek at the below video from PabloMK7 which demonstrates an attacker (left console) remotely taking over an unmodified 3DS (right side) by copying a return-oriented programming (ROP) payload and executing it remotely. The victim console is then forced to run a custom firmware installer and it’s thought that the same technique would allow an attacker to steal sensitive information from a remote console. Thankfully, this has now been fixed and can no longer be carried out if you’re running the latest version of the software, so be sure to update if you haven’t!<\/p>\n