Fire30 reveals exploit webkit on firmware 6.20
Fire30 has just reveals a new exploit webkit to the PlayStation 4 scene.
Its browser exploit makes it possible in particular to take advantage of the addrof / fakeobj functions which offer arbitrary reading and writing primitives.
According to Fire30, this exploit was corrected under firmware 7.00, thus leaving a new opportunity to find a kernel exploit from firmware 5.50 to firmware 6.72.
Webkit exploits are not kernel exploits, they don't offer userland kernel privileges, this isn't the first exploit of this type on firmware 6.xx, there are already PoC WebKit JSC_ConcatMemcpy and WebKit Code Execution Exploit PoC PS4 6.20.
The exploit uses an implementation of CVE-2018-4386.
1 Comments
my ps4 fat is on 6.20 can i hack it now since the 7.02 come
ReplyDelete