New PS4 Exploit Could Open Doors for PlayStation 5
Detailed information about a new exploit has been published online, allowing users to install custom software on PlayStation 4 consoles running relatively recent firmware versions. It appears that similar capabilities may soon become available for certain versions of the PlayStation 5 as well.
How the Exploit Works
The new exploit is based on a known bug in the PS4’s WebKit and involves the use of font-faces. The proof-of-concept for the PS4 exploit was first released in October, following the discovery of a similar vulnerability in Apple Safari’s WebKit implementation in September.
Well-known console hacker Spectre published a video demonstrating the exploit over the past weekend. By Monday, the necessary files and detailed instructions were already available on GitHub.
What This Means for PS4 Users
According to ArsTechnica, the exploit can be triggered on a PS4 simply by opening a specially crafted website in the console’s browser. This allows the system to execute kernel-level code, bypassing security measures. Once activated, the exploit can read files from a connected USB drive and install custom software, including third-party firmware for the PS4.
This isn’t the first time custom code has been run on the PS4. A previous exploit released in March worked on consoles with firmware up to version 7.55, which Sony had released about seven months earlier (in August 2020). The new exploit, released this week, works with firmware versions up to 9.00, which was released less than three months ago (at the end of September this year).
Limitations and Future Potential
Users with fully updated PS4 consoles won’t be able to use the new exploit, as the vulnerability was patched in firmware version 9.03, released on December 1. Enthusiasts on GitHub note that studying the differences between the last two firmware versions helps them understand how to unlock the exploit’s full potential.
Some hackers have already pointed out that the core issue behind the exploit “works on some PS5 firmware versions, although there is currently no known method to use it.” On Twitter, well-known hacker Znullptr (who also contributed to the new exploit) added that “the exploit also affects PlayStation 5,” but a full exploit for the PS5 isn’t ready yet, as “the lead developer currently doesn’t have a PS5 console.”