Security Hole in Nintendo Switch Firmware Pre 3.0.1 Allows For Exploit With Increased Permissions


It appears that all Nintendo Switch firmware versions below 3.0.1 are vulnerable to an exploit that grants increased permissions to the user.

Access to the platform's full system privileges is required to run future exploits on the Switch. According to the homebrew website Switchbrew.org, full permissions can be granted by creating a new "sm:" port session:


Prior to 3.0.1, the service manager (sm) built-in system module treats a user as though it has full permissions if the user creates a new "sm:" port session but bypasses initialization. This is due to the other sm commands skipping the service ACL check for Pids <= 7 (i.e. all kernel bundled modules) and that skipping the initialization command leaves the Pid field uninitialized.
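The flaw described in the quote is a trust decision made on uninitialized session state. The following C model, added here and not taken from Nintendo's or Switchbrew's code, contrasts the pre-3.0.1 check with one way of closing it (refusing any command on a session that skipped Initialize); the session struct, the `initialized` flag and the ACL table are assumptions for illustration, not the real sm implementation or Nintendo's actual fix.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical model of sm's per-session state (not Nintendo's code). */
typedef struct {
    uint64_t pid;        /* filled in by the Initialize command */
    bool     initialized;
} SmSession;

/* sm skips the service ACL check for Pids <= 7 (kernel-bundled modules). */
#define KERNEL_PID_MAX 7

/* Model of opening a new "sm:" session: the struct starts zero-filled, so the
 * pid field reads as 0 until Initialize runs. */
void sm_session_new(SmSession *s) { memset(s, 0, sizeof *s); }

void sm_initialize(SmSession *s, uint64_t pid) {
    s->pid = pid;
    s->initialized = true;
}

/* Constructed ACL table: only process 100 is allowed the service "svc:a". */
static bool acl_allows(uint64_t pid, const char *service) {
    return pid == 100 && strcmp(service, "svc:a") == 0;
}

/* Pre-3.0.1 behaviour as the page describes it: the Pid <= 7 shortcut runs
 * without checking that Initialize ever ran, so a zeroed pid passes as a
 * kernel module and the ACL is never consulted. */
bool get_service_vulnerable(const SmSession *s, const char *service) {
    if (s->pid <= KERNEL_PID_MAX) return true;
    return acl_allows(s->pid, service);
}

/* Hardened form (an assumed mitigation, not Nintendo's actual patch): no
 * command is honoured until the session has been initialized, so the pid
 * used for the trust decision is always one that was explicitly set. */
bool get_service_hardened(const SmSession *s, const char *service) {
    if (!s->initialized) return false;
    if (s->pid <= KERNEL_PID_MAX) return true;
    return acl_allows(s->pid, service);
}
```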

While an exploit appears to have been discovered for Nintendo's latest platform, no actual exploits have been written for it. For those on the latest Switch firmware, downgrading to firmware version 3.0 isn't an option, as the platform uses eFuses that are burnt by updates. Each time the firmware is updated, the Switch checks whether the right number of eFuses have been burnt. If this is not the case, the Switch will prompt for a firmware update.

Nintendo released the Switch back in March of this year. Firmware version 3.0.1 was released last month, but it appears that older firmware is still present on Switches at retailers.

Aernout van de Velde

About the author: Passionate gamer since the NES era who began writing about games in 2014. Joined the Wccftech gaming section in 2015. Has owned every console since then. Can never make up his mind on what console to play. Weird sense of humor but can be funny from time to time.
