Nintendo Switch can be hacked via webkit exploit
A hacker has managed to hack into the Nintendo Switch by deploying an existing webkit exploit against the console’s browser. A developer has released a proof-of-concept based on the vulnerability.
The hacker qwertyoruiop has an image on Twitter posted stating that he reused an old webkit exploit. The hacker previously successfully worked on iOS jailbreaks and was also responsible for a PS4 1.76 exploit, according to Wololo.
According to the same site, another developer has since released a proof-of-concept based on the same vulnerability, labeled CVE-2016-4657. The Switch’s browser is somewhat hidden and only intended for logging into hotspots.
Nintendo does not seem to have applied the current patches. The proof-of-concept works by slightly modifying code for an iOS 9.3 webkit exploit. Developer LiveOverflow explains in a video and github lists the exploit. The hack is of little value so far, but it is a first step to be able to dive deeper into the system and find new vulnerabilities for workarounds and kernel exploits.