Dark Souls 3 RCE Vulnerability Lets Hackers Take Over PCs

RCE Vulnerability Discovered in Dark Souls 3 Allows Remote PC Takeover

Over the past weekend, the developers of the Dark Souls game series announced that the PC servers for Dark Souls: Remastered, Dark Souls 2, Dark Souls 3, and Dark Souls: Prepare to Die Edition have been temporarily shut down due to a dangerous RCE (Remote Code Execution) vulnerability. This flaw allows attackers to remotely take control of another user’s computer.

Exploit Demonstrated Live on Twitch

The issue was first reported by Dexerto, which revealed that the exploit was demonstrated live during a Twitch stream. Streamer The__Grim__Sleeper was playing Dark Souls 3 when, near the end of the stream (at 1:20:22), strange things began happening to his computer. Initially, the game kept crashing repeatedly, and then Microsoft’s text-to-speech feature suddenly activated, with a synthesized voice criticizing the streamer’s gameplay.

The__Grim__Sleeper was shocked and explained that Microsoft PowerShell had opened on its own, indicating that a hacker used it to run a script that triggered the text-to-speech function.

Hacker Tried to Warn Developers

It appears the streamer was not just a random victim. According to a screenshot from the Discord server SpeedSouls, the hacker had discovered the vulnerability some time ago and tried to contact the developers at FromSoftware. After being ignored, the hacker began targeting streamers to draw attention to the issue.

Fan-Made Anti-Cheat Updated

According to a Reddit post, the fan-made anti-cheat tool Blue Sentinel has already been updated and can now prevent exploitation of this vulnerability. The same post clarifies that rumors about the exploit being leaked publicly are likely false, as only four people knew how to use the vulnerability: two Blue Sentinel developers and two others who helped discover the bug.

Server Downtime and Ongoing Fixes

Developers and representatives from Bandai Namco, the publisher of Dark Souls, have not yet announced how long the game servers will remain offline. However, it is clear that work is underway to fix the vulnerability. It is also emphasized that this shutdown does not affect PvP servers for Xbox and PlayStation.
