PS4 and PS5: Sony can not fix huge security vulnerability

PS4 and PS5: Sony can not fix huge security vulnerability

There is a security issue in the PlayStation 4 and PlayStation 5 that is impossible to fix, according to an expert. It is "fundamentally" impossible to fix. Sony has known about the danger for about a year, but has not reacted yet.

Hole in PS4 and PS5: Sony remains inactive

The security researcher CTurt has identified a serious flaw in the PS2 emulator of the PlayStation 4 and 5. According to his own information, he already informed Sony about the problem a year ago. So far, Sony has not fixed the bug - and that is likely to remain the case in the future. According to CTurt, the hole cannot be plugged "in principle". In principle, it can be used to execute arbitrary code on the consoles.

In order to gain control over the PS2 emulator, hackers have a whole range of possibilities at their disposal. According to CTurt, some of them can be activated by simply pressing a button, while others require a specially formatted file on the memory card. What is needed is a downloaded PS2-on-PS4 game or a PS2 game that is offered as a physical, PS4-compatible disc.

Sony's hands are more or less tied, they say, as the affected emulator is included with every available PS2-on-PS4 game and is not stored separately as a core part of the console's operating system. According to CTurt, the PS2 emulation "fundamentally violates Sony's own security model by leaving privileged code without readily available mechanisms to fix potential future vulnerabilities."

PS4 and PS5: programs can be executed

It is possible to execute complex programs via the gap in the emulator, he said. These include PS4 games that have not been legally purchased or other emulators that are not officially available. Perhaps the gap could also be exploited in such a way that other security components of the consoles could be attacked (source: CTurt at GitHub).

In case you have found a mistake in the text, please send a message to the author by selecting the mistake and pressing Ctrl-Enter.

Comments (0)

    No comments yet

You must be logged in to comment.

Sign In / Sign Up