Hackers find ‘unpatchable’ breach on Nintendo Switch

Share on facebook
Share on twitter
Share on linkedin
Share on email

Well this is probably the last news that Nintendo wanted to hear today. Researchers have reported they’ve found an unpatchable vulnerability on the Switch console that may allow users to run pirated games. Yikes!

In a report on engadget, Reswitched researchers say they’ve discovered an exploit of bug-ridden code called Fusée Gelée (Frozen Rocket in the NVIDIA Tegra X1’s USB recovery mode. This could allow users to bypass the bootROM, which is normally protected.

“In the report ReSwitched claims that the exploit comes from a vulnerability in the Nvidia Tegra X1’s USB recovery mode that circumvents the lock-out operations that would normally protect the bootROM,” reads a report on Shacknews.

“This means that a bad length argument sent to an improperly coded USB procedure at just the right time can force the system to request massive amounts of data and overflow in the crucial direct memory access buffer in the bootROM.”

Essentially this means that hackers will be able to run arbitrary code on a Nintendo Switch console.

The reason this exploit is unpatchable is because the Tegra X1 bootROM on a Switch is hardcoded and can’t be changed once it leaves a manufacturing plant. In other words, this exploit can’t be fixed by a downloadable patch.

“Fusée Gelée isn’t a perfect, ‘holy grail’ exploit—though in some cases it can be pretty damned close,” ReSwitched’s Kate Temkin told Ars Technica.