PC servers for Dark Souls 1 (including Remastered), 2, and 3 are currently down after the discovery of a Remote Code Execution exploit was posted on Reddit two days ago. Dark Souls: PtDE servers are also scheduled to go dark, with no estimate of when any of these servers will be back online, according to tweets from the officially verified Dark Souls game Twitter account. Xbox and PlayStation PvP servers are currently unaffected with no plans to go down.
Originally posted on Reddit by user TripleBrownMeow, a remote code execution for the PC version of Dark Souls 3, executable via PvP servers, gives hackers access to machines via the game and can brick them, take user information and execute malware, with total control of the machines that are hacked. Bandai confirmed in the comments on the Reddit post that they are aware of this issue and that it has been reported to the relevant internal teams, as confirmed by the later tweet regarding the server downtime.
Will Dark Souls' RCE Vulnerability Affect Elden Ring?
Allegedly, this same backdoor exploit is also present in Elden Ring, the upcoming Soulslike due to be released on February 25, 2022, also developed by FromSoftware and published by Bandai Namco.
Recently several RCEs have cropped up in the PC gaming community, with some having been problems for years. In December, Microsoft was notified about and fixed an exploit in Minecraft, stemming from a security vulnerability in Apache Log4J 2, a logging and tracing API used in the game that impacted a large number of servers outside of gaming as well.. Previously in 2021, an RCE vulnerability was also made public in Valve’s Source Engine. Amazon’s MMO New World also had an issue where its chat was running HTML code without any check, allowing players to kick others from the game and other things.
Have you fallen victim to remote code exploits in the past? Looking forward to servers going back up and Elden Ring going online? Let us know in the comments below!