Socialpost

Complete News World

A serious vulnerability has been discovered in various Nintendo games for Nintendo 3DS, Wii U and Nintendo Switch – Ntower

Even back in the NES days, there were various bugs in games or console firmware that hackers exploited to run cheats or run pirated copies. Traditionally, however, the owner had to choose to actively exploit these vulnerabilities. The error shown today is more serious.

PabloMK7 hacker revealed todayENLBufferPwn, perhaps the most serious vulnerability ever found in a Nintendo system. With it, it is possible to gain complete control over another system when you are in the same online lobby with the victim. Not only can hackers use it to manipulate games, but in the case of the Nintendo 3DS and Wii U, they can also record video and audio. Nintendo was made aware of the bug by several hackers in 2021 and 2022 via the HackerOne program, which resulted in quite a few games receiving updates. The most famous example is the recently released update for Mario Kart 7. However, not all games have been updated yet. With Mario Kart 8 and Splatoon, only two of the major Wii U games are at risk. We have attached a list of some of the affected games. Addresses not previously reported may be subject to error.

  • Mario Kart 7 (bug fixed in v1.2)
  • Mario Kart 8 (bug not fixed yet)
  • Mario Kart 8 Deluxe (bug fixed in version 2.1.0)
  • Animal Crossing: New Horizons (2.0.6 bug fixed)
  • ARMS (bug fixed in version 5.4.1)
  • Splatoon (bug not fixed yet)
  • Splatoon 2 (fixed in v5.5.1)
  • Splatoon 3 (bug fixed in late 2022)
  • Super Mario Maker 2 (3.0.2 bug fixed)
  • Nintendo Switch Sports (bug fixed late 2022)
See also  DICE explains the XP mess around the portal

At least in Mario Kart 7, the bug has already been exploited, such as a previously unknown video by a Japanese player on YouTube shows.

Content from external websites will not be automatically downloaded and displayed without your consent.

By activating external content, you consent to the transfer of personal data to third-party platforms. We have provided more information about this in our data protection declaration.

Whether newer games such as Pokémon Crimson or Crimson contain this vulnerability is unknown. However, since this was pointed out to Nintendo several months ago, Nintendo Switch Sports may be the latest game to suffer from this problem. The question now is, will Nintendo update Splatoon and Mario Kart 8, or perhaps disable the online features for those titles altogether? We will keep you updated.

Content from external websites will not be automatically downloaded and displayed without your consent.

By activating external content, you consent to the transfer of personal data to third-party platforms. We have provided more information about this in our data protection declaration.