Skip to main content

Nintendo’s Switch is using an outdated version of WebKit leveraged in previous iOS jailbreak

The just-released Nintendo Switch is proving to be quite popular among gamers, but it has also caught the attention of hackers who may be interested in exploiting vulnerabilities present in the console. It certainly wouldn’t be the first time such a thing has occurred, as we think back on jailbreaks that were released for the PS3, the Nintendo Wii, and other popular game consoles.

It just so happens that a vulnerability discovered in the Nintendo Switch has a slight iOS correlation — the console uses an outdated version of WebKit, the same version of WebKit used to leverage an iOS 9.3.x jailbreak in the past. That’s not to say that a Nintendo Switch jailbreak is imminent or even in the cards at this time, but a known working exploit is available to make arbitrary code execution a possibility.

Since the exploit is in WebKit, hackers would need access to a WebKit-based browser. Nintendo doesn’t make a user-facing browser available in most circumstances, and when it does, it can only venture to a captive portal — that landing page that you often encounter when connecting to a Starbucks Wi-Fi hotspot or an Airport hotspot. However, with a little patience, a user could establish a proxy server on the local Wi-Fi network and intercept traffic — forcing the Switch’s browser to a locally hosted web page instead.

From there, it’s just a matter of taking advantage of the old version of WebKit susceptible to the exploit. Details on the CVE-2016-4657 vulnerability can be found here, but it basically amounts to a WebKit exploit in versions of iOS prior to iOS 9.3.5 that allowed remote attackers to execute arbitrary code via a specially crafted website. This same exploit was used to jailbreak iOS 9.3.x in the past via qwertyoruiopz’s neo version of the infamous JailbreakMe.

Watch LiveOverflow’s awesome proof of concept and explanation

Apple addressed the WebKit exploit with the release of iOS 9.3.5 on August 25, 2016. Thus, it’s been a long seven months since this hole was addressed. Oddly enough, Nintendo decided to ship its latest console with that same old version of WebKit, perhaps reasoning that since there is no user-facing browser that it’s not a high priority. Or maybe they just figured they’d fix it later in a future update.

Whatever the case may be, you can be sure that Nintendo is now aware of this issue, and will likely be issuing an update to bring its WebKit browser up to date in the near future. As for whether we’ll see a Nintendo Switch Jailbreak, it’s definitely not out of the realm of possibilities. Whether we see one now, or see one in the future, I think enough people care about the Switch to make it too tempting for skilled hackers to pass up.

Image Credit: LiveOverflow

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Jeff Benjamin Jeff Benjamin

Jeff is the head of video content production for 9to5. He initially joined 9to5Mac in 2016, producing videos, walkthroughs, how-tos, written tutorials, and reviews. He takes pride in explaining things simply, clearly, and concisely. Jeff’s videos have been watched hundreds of millions of times by people seeking to learn more about today’s tech. Subscribe to 9to5Mac on YouTube to catch Jeff’s latest videos.


Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications