Nintendo Switch exploit discovered, leverages old iOS WebKit jailbreak method

in General Discussion
Hackers have worked out a way to "jailbreak" the Nintendo Switch by attacking the game console's web browser, a technique that reused a vulnerability discovered in early 2016 commonly used to jailbreak iPhones running iOS 9.3.

A prolific hacker going by "qwertyuiop," previously known for iOS and PlayStation 4 jailbreaks, posted a screenshot of a supposed Webkit exploit on the handheld console on March 11, reports Wololo. A proof of concept for the hack has also been published by developer LiveOverflow today, based on the information revealed earlier.

According to qwertyuiop, he made a slight alteration to his existing iOS Webkit exploit to remove iOS-specific code. The proof of concept relies on hosting files on a local web server, then using tools to force the Switch's browser to access the files.

The original exploit, CVE-2016-4657, affects Webkit versions before 9.3.5, and is described by the National Vulnerability Database to allow "remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site." Apple has already patched this vulnerability, protecting users who have updated their iOS devices, but it appears Nintendo did not use a later and more secure version of Webkit in its browser.

The vulnerability could allow hackers the ability to install their own software on the Switch, opening up the possibility of using it for homebrew projects, or for playing pirated games. Such exploits are typically patched by console producers relatively quickly, especially shortly after the launch of new hardware, so a fix from Nintendo to close the vulnerability is likely to arrive in the near future.

The Nintendo Switch does include a web browser, though not one intended for typical Internet use. The browser is effectively only included for a limited number of situations, such as to give users the ability to log into public Wi-Fi hotspots, and has been restricted from being used for alternative purposes, but Nintendo may choose to introduce full browser functionality in a future update.


  • Reply 1 of 4
    linkmanlinkman Posts: 923member
    You would think that manufacturers would be smarter than this -- including old versions of software with known vulnerabilities makes it so much easier for hacks rather than make the hackers actually have to do some hard work on finding all-new holes. Did they install SSH-1 also?
  • Reply 2 of 4
    SpamSandwichSpamSandwich Posts: 31,309member
    People actually want to buy this thing? Why?
  • Reply 3 of 4
    bbdroidbbdroid Posts: 13member
    People actually want to buy this thing? Why?
    Because it's a wonderful gaming machine.
  • Reply 4 of 4
    tallest skiltallest skil Posts: 43,399member
    bbdroid said:
    Because it's a wonderful gaming machine.
    The plastic screen and (dare I say it) failure to improve graphics hardware are turnoffs for me. I LIKE the idea of a tablet gaming device with physical buttons on the side, but if they want it to succeed as a platform, they’ll have to do more than just rely on their first party content. Not to say that won’t sell like gangbusters, but without any third parties I don’t see the Switch doing much better than the WiiU. It has to push the envelope in some way, and you can’t do that if your hardware is so limited that you’re lagging frames on a game designed for your predecessor.
Sign In or Register to comment.