"Critical vulnerabilities" found in Call of Duty: Modern Warfare 3, CryEngine 3

Share

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Email

Share this article

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the PC Gamer Newsletter

Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Every Friday

GamesRadar+

Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.

Signup +

Every Thursday

GTA 6 O'clock

Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.

Signup +

Every Friday

Knowledge

From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.

Signup +

Every Thursday

The Setup

Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.

Signup +

Every Wednesday

Switch 2 Spotlight

Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.

Signup +

Every Saturday

The Watchlist

Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.

Signup +

Once a month

SFX

Get sneak previews, exclusive competitions and details of special events each month!

Signup +

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

If you thought the biggest thing you had to worry about in Modern Warfare 3 was a knife in the back while you were camped out sniping, you might have to think again. At the Power of Community security conference in Seoul, two researchers appear to have found "critical vulnerabilities" in the game - along with Crytek's CryEngine 3 - as reported by Computer World .

At the conference, ReVuln security consultants Luigi Auriemma and Donato Ferrante presented the results of their research. Along with a video showing how a denial-of-service attack could trouble Modern Warfare 3, they demonstrated how a server-level attack on CryEngine 3 (using the game Nexuiz) let them "create a remote shell on a game-player's computer", granting access to "all of the information on the players through the server". The pair plan to reveal "advisories" on the two vulnerabilities tomorrow, on the launch day of Black Ops II. They're also willing to offer their assistance to Activision, but as Computer World put it, they "aren't going to volunteer the information, since their research is part of their business."

As well as accessing players' information, Ferrante says that these vulnerabilities could be used by rival companies to shut down their competitors' games entirely. He blames the focus on game performance over security for these flaws. "In general, game companies don't seem to be very focused on security but rather on performance of the game itself, Ferrante said. Adding security checks can slow down games, and if the companies don't deem the problem a very critical issue, it will usually be ignored."