Unity News: Game and Application Security Exploit Found

[Vardalis]

tl;dr: A security vulnerability was found in pretty much every version of Unity Engine from 2017 to the pre-patch version of 6.2 today. The issue is in the runtime, so it affects games and applications built with Unity. Windows, Mac, Linux, Android, etc are all affected. There are no reported exploitations of the vulnerability at the current time of writing but this will change rapidly now its been announced. Windows Defender will detect and block the vulnerability, and Valve are adding additional protections to Steam. If you've built anything that you've put out there, patch it.

Post on Unity's discussion board going into more detail.

 

[Don Patch]

Good heavens...
Thanks for posting this.

 

[Tonberry]

Thanks for sharing, just got the email they sent out too.

 

[Strategist's icon Strategist Strategist]

this is flash player all over again. Unity is kaput as a commercial game engine, IMO. It was suspicious since Unity games have been having serious performance issues for a while, I wonder if those issues were caused by foreign agents stealing my data while I game.

 

[Tonberry]

I wonder if those issues were caused by foreign agents stealing my data while I game.

 

[Strategist's icon Strategist Strategist]

View attachment 116409

"Strategist, what the fuck are you talking about?"


Strategist: Are you telling me that a security exploit existed in Unity from 2017 to 2025 and with all the hackers, agents and spies from foreign countries, no one figured out how to use it? I'm not sure I'm buying this story from Unity that they are no cases of this exploit being abused. Maybe no reported cases, but I don't know if they can track this data comprehensively.

 

[JustLooking123]

I have checked the technical details of the exploit... if that's what they said, the gist of it would be this:

The games built with unity can be misused to execute an external unrelated dll (or shared library) using commandline arguments.
How?
By creating a shortcut that executes the game with crafted extra arguments.

In other words, the games themselves aren't dangerous due to this exploit... however, they CAN be misused by an attacker.

In order for this attack to be possible on end-user's device, there should be a harmful dll already present on user's system, and a shortcut should be created (or modified) to run a unity game, and also have those extra args.

This trick is useful for attackers only to activate their malware for the first time.
And honestly they have way easier ways to do so... instead of using such an odd method.

Also, detecting it is pretty easy on multiple levels... from spotting suspicious shortcuts, to endpoint security tools flagging unexpected dll loads (or the malicious dll itself), to platform‑level protections like Steam, Windows Defender, or Play Protect that already mitigate much of this behavior.

Just keep in mind that regardless of danger level of this specific exploit, the danger of being spied or such is always real.

 

[sneakyguts]

gaming is not getting better

 

[RageBurner]

I have checked the technical details of the exploit... if that's what they said, the gist of it would be this:

The games built with unity can be misused to execute an external unrelated dll (or shared library) using commandline arguments.
How?
By creating a shortcut that executes the game with crafted extra arguments.

In other words, the games themselves aren't dangerous due to this exploit... however, they CAN be misused by an attacker.

In order for this attack to be possible on end-user's device, there should be a harmful dll already present on user's system, and a shortcut should be created (or modified) to run a unity game, and also have those extra args.

This trick is useful for attackers only to activate their malware for the first time.
And honestly they have way easier ways to do so... instead of using such an odd method.

Also, detecting it is pretty easy on multiple levels... from spotting suspicious shortcuts, to endpoint security tools flagging unexpected dll loads (or the malicious dll itself), to platform‑level protections like Steam, Windows Defender, or Play Protect that already mitigate much of this behavior.

Just keep in mind that regardless of danger level of this specific exploit, the danger of being spied or such is always real.

I feel this should be a sticky post on this thread, thank you JL.

 

[qw90700]

Thanks for the news so I can hack people!!! (wears his black terrorist mask and gloves):

lolol

 

[Danieru-Emanyueru]

Alright and thanks for share.