Critical vulnerability in the way Sony PS3, PS4, and PS5 consoles read Blu-Ray discs allows rooting and modifying the firmware

At least two generations of PlayStation consoles could be affected by a newly revealed exploit that exists due to a bug in the way these systems handle Blu-Ray discs. The successful exploitation of the flaw would allow the use of custom code in these consoles, leaving open the possibility of using homebrew software.

Sony has always put great interest in the security of its line of consoles, constantly correcting even the minimum exploit and preventing users from modifying the software of their PlayStation. Although the company does this as a means of preventing piracy and cheating in competitive video games, these security mechanisms also prevent the use of custom software, a practice considered legitimate by enthusiasts and developers.

Andy Nguyen, a renowned security engineer, recently introduced an exploit that would allow arbitrary code to be executed on PlayStation 4 and PlayStation 5 consoles for the specific purpose of executing custom code on these systems. It is also possible for the exploit to work on PlayStation 3 consoles, although the method has not been effectively tested in this version.

For some home software enthusiasts, this is a hack similar to the popular FreeDVDBoot, detected on PlayStation 2. This technique allowed games recorded on burned discs to be run without the need to make physical modifications to the console. Methods like this have become more important since issues such as video game conservation started to become relevant.

Despite attempts to preserve old video games as a cultural expression, Sony (and companies in general) continues to try to scuttle any attempt to modify its software, always arguing that the use of homebrew software simply benefits the creators of pirated video games.

Many people believe that the industry’s stance has simply led independent developers to undertake better and more organized efforts to find ways to use homebrew software. A well-known example is that of the PlayStation 4 console, considered highly difficult to modify until a bug in firmware version 9.0 opened the door to multiple modification methods.

Feel free to access the International Institute of Cyber Security (IICS) websites to learn more about information security risks, malware variants, vulnerabilities, and information technologies.