Recently, a serious vulnerability was discovered that affects multiple Nintendo consoles. This vulnerability could allow unauthorized access to Switch, 3DS, and Wii U via online game hosts. Nintendo has reportedly been working on a patch to the game to eliminate an exploit known as ‘ENLBufferPwn’ for some time, and several updates have already been rolled out to address the situation ( Thank you, All about Nintendo).
Vulnerabilities classified as Critical in the Common Vulnerability Scoring System (CVSS) and in full detail Github Along Pablo MK7, Rambo6GlazWhen fish guy 6564reportedly exposing a victim’s device to complete remote control simply by playing an online game with a potential attacker. This means that you may run it and get an audio or video recording.
This vulnerability was reported to Nintendo in “2021/2022”. @Pavlomukh 6 — who claimed to have received a $1000 “bounty” through Nintendo hacker one program — and it is now understood that the company has taken action to fix the issue in several of the affected games, including the recently updated Mario Kart 7 after more than a decade.
While most popular Switch titles appear to have been fixed already, Wii U’s Mario Kart 8 and Splatoon have yet to be addressed and may be affected by the vulnerability.
Here is the list of affected titles: GitHub page:
Although unconfirmed at this time, it is speculated that other games may also be affected by this vulnerability.
See PabloMK7’s video below for the exploit in action. In this video, the attacker (left console) remotely hijacks her unmodified 3DS (right) by copying and executing a Return Oriented Programming (ROP) payload. remotely. The victim’s console is then forced to run a custom firmware installer. An attacker is believed to be able to remotely steal sensitive information from her console using the same technique. Thankfully, this has now been fixed and is no longer doable if you’re running the latest version of the software. If not, be sure to update!
Nintendo’s relatively restrictive approach to online play seems to have its advantages when it comes to security issues like this. @ Luigi Brad Discuss exploits:
The two games mentioned above are Mario Kart 8 and Splatoon. If you’re still playing any of these titles online on your Wii U, we recommend that you exercise extreme caution or avoid them altogether until more details emerge. will update this article.
what do you think of this? Share your thoughts in the comments below.
