There is a security vulnerability in the PlayStation 4 and PlayStation 5 that, according to an expert, cannot be fixed. It is “in principle” not to be stuffed. Sony has known about the danger for about a year, but has not yet responded.
Gap in PS4 and PS5: Sony remains idle
Security researcher CTurt has one serious vulnerability in the PS2 emulator of the PlayStation 4 and 5 established. According to his own statements, he informed Sony about the problem a year ago. So far, Sony hasn’t closed the gap – and it’s likely to remain so in the future. In CTurt’s opinion, the gap cannot be plugged “in principle”. In principle, any code can be executed on the consoles via them.
Hackers have a number of options at their disposal to gain control of the PS2 emulator. According to CTurt, some of them should activated at the touch of a button can be used, while others require a specially formatted file on the memory card. A downloaded PS2-on-PS4 game or a PS2 game offered on a physical PS4-compatible disc is required.
Sony’s hands are more or less tied, since the affected emulator included with every available PS2 on PS4 game and is not stored separately as a core part of the console’s operating system. The PS2 emulation, according to CTurt, “fundamentally violates Sony’s own security model, as it leaves privileged code without readily available mechanisms to fix potential future vulnerabilities.”
This is how PS4 (Pro) and PS5 differ:
PS4 and PS5: Programs can be run
The gap in the emulator makes it possible to run complex programs. These include, among other things illegally purchased PS4 games or other emulators not officially available. Perhaps the vulnerability could also be exploited in such a way that other security components of the consoles could be attacked (source: CTurt at GitHub).