PS5 Under Threat? Critical Vulnerability Found in Firmware 10.40
Well-known security researcher Andy Nguyen, also known by his stage name The Flow, has reported the discovery of a new vulnerability in the PlayStation 5 operating system. The vulnerability is present in firmware 10.40, which remained current until December 2024, and may allow user privilege escalation and arbitrary code execution.
The research found that in the system call sys_fsc2h_ctrl it is possible to cause a situation in which memory located on the kernel stack is freed, which can lead to escalation of privileges. This effect is achieved by a specific interaction between several threads, where one of them writes data to a memory area located on the stack of another thread, after which this area is prematurely freed.
Although Dr. Fulmes’s exploit based on this vulnerability has not yet been developed, experts admit that a potential hack could open the way to run unofficial software on newer versions of the console. This is especially important because the last vulnerable firmware that pirate teams have had success with is 7.61, released in August 2023. Firmware 8.00 and above remained protected from any exploits until now.
Given the seriousness of the problem, we can expect a prompt response from Sony. However, the vulnerability has already received the number #2900606 in the PlayStation database, meaning its existence is recognized. If independent groups manage to build a full-fledged jailbreak, it could be the most significant breakthrough for the PS5 scene in the last year and a half.