Security hole in older versions of Switch firmware allows elevated permissions
A vulnerability has been discovered in all but the latest Nintendo Switch firmware versions that can grant elevated privileges to the user. This is a prerequisite for future exploits that could enable homebrew, emulation and backups to run.
According to homebrew website Switchbrew.org, in version 3.0.0 and earlier, it is possible for a user to gain full system privileges by “creating a new sm: port session but bypassing initialization.” Obtaining system privileges includes the ability to install proprietary software on the Switch, which would introduce features that Nintendo itself does not consider desirable. A Switch hacker describes it as ‘the best you can have, apart from a full kernel pwn’.
Discussions surrounding the vulnerability in the Switch emphasize that while a security hole has been found that allows increased privileges, no actual exploits have yet been written that take advantage of this. This is because the Switch is still a relatively young console and the OS has yet to be properly mapped out by the hacker community.
Downgrading to version 3.0.0 or lower is not an option. The Switch has a number of eFuses on board which are ‘burnt out’ by firmware updates. With each firmware version, the console checks whether the correct number of eFuses has been used. If the version and the number of remaining eFuses do not match, the console will have to update first. There may also be a chance of a completely defective console, or a brick.
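The fuse-count check described above can be modelled as a one-way counter. The following is an added example, not Nintendo's code or anything from the original article: the fuse counts are constructed, and the policy (burn more fuses when too few are burnt, refuse to boot when too many are) is an assumption about how such anti-downgrade counters typically behave.

```c
#include <stdint.h>
#include <stdio.h>

/* One-time-programmable fuse bank: a bit can go 0 -> 1, never back. */
typedef struct { uint32_t bits; } fuse_bank;
typedef enum { BOOT_OK, BOOT_BURNED_THEN_OK, BOOT_REFUSED } boot_result;

/* Number of burnt fuses = number of set bits. */
unsigned burnt_count(const fuse_bank *f) {
    unsigned n = 0;
    for (uint32_t b = f->bits; b; b &= b - 1) n++;
    return n;
}

/* Burn the lowest unburnt fuses until `target` are burnt (capped at 32). */
void burn_up_to(fuse_bank *f, unsigned target) {
    for (unsigned i = 0; i < 32 && burnt_count(f) < target; i++)
        f->bits |= (uint32_t)1 << i;
}

/* Boot check for a firmware image that expects `expected` burnt fuses.
   Assumed policy: too few burnt -> burn up to the expected count;
   too many burnt -> image is older than the console has seen, refuse. */
boot_result check_and_boot(fuse_bank *f, unsigned expected) {
    unsigned burnt = burnt_count(f);
    if (burnt > expected) return BOOT_REFUSED;
    if (burnt < expected) { burn_up_to(f, expected); return BOOT_BURNED_THEN_OK; }
    return BOOT_OK;
}

/* Constructed scenario: a console with `start` burnt fuses boots an update
   expecting `newer`, then an older image expecting `older` is tried. */
boot_result downgrade_after_update(unsigned start, unsigned newer,
                                   unsigned older, unsigned *final_burnt) {
    fuse_bank f = { 0 };
    burn_up_to(&f, start);
    check_and_boot(&f, newer);
    boot_result r = check_and_boot(&f, older);
    if (final_burnt) *final_burnt = burnt_count(&f);
    return r;
}

int main(void) {
    unsigned burnt;
    boot_result r = downgrade_after_update(2, 3, 2, &burnt);
    printf("downgrade: %s, burnt fuses: %u\n",
           r == BOOT_REFUSED ? "refused" : "booted", burnt);
    return 0;
}
```

Because no operation clears a fuse, the count left behind by an update stays on the console after the old firmware image is restored, which is why the older image no longer passes the check.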
Switch owners who want to wait for this vulnerability to actually lead to capabilities like homebrew, emulation, and backups won’t need to update their consoles. However, this does mean that future functionalities and games will not be accessible, as they will most likely have the latest firmware version as a condition. In fact, if connected to the internet, the Switch already refuses service unless the 3.0.1 update is installed. Those who want to take advantage of both the future possibilities of the vulnerability and the regular possibilities of the console will have to buy a second Switch.
Users in a discussion thread on NeoGAF report that they are currently still finding Switch consoles with older firmware versions in stores. The latest firmware version for the Switch, version 3.0.1, was released at the end of July. Hackers who knew about the vulnerability may have kept it concealed until Nintendo could release an update, and been rewarded for doing so. It’s also possible that Nintendo found out about the vulnerability itself; the Switch hacker group Reswitched considers the vulnerability an obvious one.