A serious vulnerability known as ENLBufferPwn has been found in several convertsand 3DS and Wii U games. Credits for this discovery are PabloMK7, Rambo6Glaz, and Fishguy6564. The vulnerability, which was first discovered in 2021, has been reported to Nintendo.
Exploitation is particularly important as the victim’s device can be easily taken over. This can be done by simply conducting an online game session with an attacker. Given the score of 9.8/10 (Critical) it had on the CVSS 3.1 calculator, that just goes to show how dangerous it is.
When paired with other operating system exploits, an attacker can achieve complete control over the system. They can also steal sensitive information or take audio/video recordings.
to remember Mario Kart 7 version 1.2 update that appeared recently? Many were surprised that the game received a new patch after so many years. As it turns out, Nintendo was looking to fix the ENLBufferPwn exploit.
You see, Nintendo has begun to remedy the situation. Outside of Mario Kart 7, the vulnerability has been fixed in Mario Kart 8 Deluxe version 2.1.0And the Animal Crossing: New Horizons 2.0.6And the ARMS version 5.4.1And the Splatoon 2 version 5.5.1And the Super Mario Maker 2 version 3.0.2. It also appears to have been taken care of in Splatoon 3 and Nintendo Switch Sports for a little while. However, the affected Wii U titles – such as the original Mario Kart 8 and Splatoon – have yet to be patched and it’s not clear if any updates are in the works. It is also believed that there may be other games still affected by the exploit.
For those who want to get into more detail behind the ENLBufferPwn exploit, you can visit our Vulnerability Report page. here. We also suggest checking out the Twitter thread here.
Related
“Unapologetic communicator. Wannabe web lover. Friendly travel scholar. Problem solver. Amateur social mediaholic.”