Respawn Entertainment is “aware of reports” of and “investigating” a possible security vulnerability in Titanfall 2, the company announced today. The wording on the announcement does not confirm or deny the breach. Respawn has “no other information to share at the moment,” according to the tweet, but will update fans if new information comes up.
The Twitter statement comes hours after a user alleged that Titanfall 2 servers were compromised. The warning originated from the NoSkill community Discord, a server dedicated to a Titanfall modding community, and claims that “there are reports of a bug in the game that allows local code execution from the server.” This “could leave both your computer and your console vulnerable to exploits,” they wrote.
A user clarified the explanation on the NoSkill Discord, with details about how it could happen and its potential (and harmful) ramifications.
“The temporary buffer that Titanfall uses for game invites has a size cap,” they wrote. “If the decoded username of the person who invited you is larger than that size cap, it’ll start overwriting random memory to store the name. Once it gets outside of that specific temporary buffer, though, your PC starts treating it as executable code instead of a username. And because that is directly on your computer, it could potentially run any program, including malware, on your computer.”
According to another user, the cause of the vulnerability is a “malformed lobby invite” sent to members of the Advocate Network, Titanfall 2’s default network, to crash their games with a buffer overflow. These overflows “have potential to lead to arbitrary code execution,” the user wrote.
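The class of bug described in the two accounts above comes down to decoding an attacker-supplied name into a fixed-size buffer without checking its length first. The following C code is an added example, not code from Respawn or from the original article, showing the bounds check that prevents it. The hex encoding, the 32-byte cap and the function names are assumptions, since the reports do not describe the real invite format.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_CAP 32 /* assumed cap; the real buffer size is not public */

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hex_val(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Decode a hex-encoded inviter name (hypothetical format) into out[cap].
 * Returns the decoded length, or -1 if the input is malformed or the
 * decoded name plus its terminator would not fit. The size check runs
 * before a single byte is written, so an oversized name is rejected
 * instead of spilling past the end of the buffer. */
int decode_invite_name(const char *hex, char *out, size_t cap) {
    size_t n = strlen(hex);
    if (cap == 0 || n % 2 != 0 || n / 2 >= cap) return -1;
    for (size_t i = 0; i < n / 2; i++) {
        int hi = hex_val(hex[2 * i]);
        int lo = hex_val(hex[2 * i + 1]);
        if (hi < 0 || lo < 0) { out[0] = '\0'; return -1; }
        out[i] = (char)((hi << 4) | lo);
    }
    out[n / 2] = '\0';
    return (int)(n / 2);
}

int main(void) {
    char name[NAME_CAP];
    char oversized[2 * 64 + 1]; /* constructed input: 64 decoded bytes */
    memset(oversized, '4', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    /* Constructed sample invite name: "Pilot" in hex. */
    int ok = decode_invite_name("50696c6f74", name, sizeof name);
    printf("well-formed: %d (%s)\n", ok, ok >= 0 ? name : "rejected");
    int bad = decode_invite_name(oversized, name, sizeof name);
    printf("oversized:   %d\n", bad);
    return 0;
}
```

A receiver that gets -1 back should drop the invite rather than truncate the name and carry on.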
Although there could be security implications from the vulnerability, it’s hard to find reports of users actively being hacked or harmed by the issue as of the time of writing. Hackers might potentially exploit the breach over time, however.
Respawn is investigating the issue and fans should wait for official announcements, particularly on Twitter, to know more.
Update Sept. 8 9:57pm CT: The company is still investigating, but Respawn engineers believe it’s “a simple exploit that can be used to crash games” and “do not believe there are any more serious risks to affected players or their machines,” according to an announcement. We have updated the headline accordingly.
Update Sept. 10 10:01am CT: Respawn “shipped an update to address the game-crashing exploit” and “found no evidence of any more serious vulnerabilities,” according to an official tweet.
Published: Sep 8, 2021 07:47 pm