Nintendo secretly fixed a security flaw in several games on the Switch, 3ds in Wii U dissolved. That bug allowed hackers to completely take over your console.
A few weeks ago, fans were surprised when Mario Kart 7 received an update for the first time in ten years. However, it now appears that the patch primarily addressed this security issue. For the same reason, Mario Kart 8 Deluxe, Animal Crossing: New Horizons, ARMS, Splatoon 2 and Super Mario Maker 2, among others, received an update last year.
Here is ENLBufferPwn (CVE ID pending), a major vulnerability in many 3DS, Wii U and Switch first party games. Allows remote code execution on a victim’s console simply by having an online gaming session with an attacker.
Vulnerability Report: https://t.co/QbvXKQLeDf
🧵(1/7) pic.twitter.com/4qewU5YQ9x— PaulMK7 (@Pablomf6) December 24, 2022
The security issue is known as “ENLBufferPwn” and was reported to Nintendo via the HackerOne program. The discoverers were awarded a $1,000 reward.
Mario Kart 8 Deluxe also received an update late last year. However, it mostly served the Mario Kart 8 Deluxe Wave 3 DLC to add to the game.
