In association with heise online

15 November 2012, 09:47

Alleged security hole in CryENGINE 3 game engine

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Games icon Computerworld reports that, at the recent Power of Community (POC2012) security conference, security specialists from ReVuln presented security holes in numerous online-enabled games. For example, ReVuln says that it managed to compromise a computer by exploiting a hole in the Nexuiz multi-player first person shooter. However, the company has so far not released any vulnerability details.

Instead, a video has been released to demonstrate that a custom-built exploit is functional. According to ReVuln, the holes are contained in CryENGINE 3, a game engine that is used by Nexuiz and many other games. This means that other games that are based on CryENGINE 3 could also potentially be affected.

CryEngine 3 Remote Code Execution

As part of their presentationPDF, the security researchers also demonstrated a denial-of-service (DoS) attack on a game server of the popular Call Of Duty: Modern Warfare 3 PC game. The company is hoping to attract commercial contracts with the affected game developers to close the security holes.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit