Game Console Vulnerability Identified

PandaLabs has detected a vulnerability that affects the PlayStation Portable (PSP) gaming console.

This flaw is a buffer overflow that allows malicious code to be run on these devices. It is important to mention that a proof of concept already exists that exploits this flaw and works on all versions of PSP firmware that can view TIFF files. In view of this situation, it seems that it would not be too difficult to program malicious code to exploit this security hole.

According to Luis Corrons, director of PandaLabs: "The vulnerability detected is particularly dangerous, as it could be exploited through malicious code programmed for this purpose or even directly by hackers."

This is not the first case of an attack on gaming consoles. Last year, PandaLabs detected malicious codes designed to target these devices. To be more specific, these were the Format.A and Tahen (variants A and B) Trojans. These Trojans were extremely dangerous as their attacks deleted critical files, and could even irreversibly render the console unusable, in the case of PSP.

"It is highly recommended not to install software that does not come from reliable sources on consoles. Before doing so, it is advisable to scan it first with an updated antivirus solution. Similarly, external communication (USB, IrDA or WiFi) should not be established with untrustworthy consoles or computers that could transfer unwanted information," concludes Luis Corrons.

Posted by Jon Erickson at 10:13 AM  Permalink