A proof-of-concept video was published over the weekend that shows a vulnerability found in Nintendo Switch that was released early this month. Interestingly, the bug found on Nintendo’s latest console is the same one that hackers found in iOS 9.3 webkit browser. The exploit CVE-2016-4657 found in WebKit in Apple iOS before 9.3.5 “allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site” and the Switch workaround relies on the same exploit to execute code via the captive portal used by the Switch’s Wi-Fi.
This does not mean that the Switch will be able to run homebrew apps or pirated games but rather a first step towards what can be achieved in the future. And yes, pirated games is a possibility, much to Nintendo’s dislike.
That said, now that the exploit is in the open, it’s just a matter of time Nintendo issues a software update to close it down.
Leave a Reply