Unity News: Game and Application Security Exploit Found

Vardalis

Vardalis

Final Form
Level 3
97%
Joined
Jan 18, 2025
Messages
492
Level up in
8 posts
Reaction score
850
Points
2,477

tl;dr: A security vulnerability was found in pretty much every version of Unity Engine from 2017 to the pre-patch version of 6.2 today. The issue is in the runtime, so it affects games and applications built with Unity. Windows, Mac, Linux, Android, etc are all affected. There are no reported exploitations of the vulnerability at the current time of writing but this will change rapidly now its been announced. Windows Defender will detect and block the vulnerability, and Valve are adding additional protections to Steam. If you've built anything that you've put out there, patch it.

Post on Unity's discussion board going into more detail.
 
Good heavens...
Thanks for posting this.
 
Thanks for sharing, just got the email they sent out too.
 
this is flash player all over again. Unity is kaput as a commercial game engine, IMO. It was suspicious since Unity games have been having serious performance issues for a while, I wonder if those issues were caused by foreign agents stealing my data while I game.
 
Strategist said:
I wonder if those issues were caused by foreign agents stealing my data while I game.
Click to expand...
1759537483573.png
 
Tonberry said:
View attachment 116409
Click to expand...

"Strategist, what the fuck are you talking about?"


Strategist: Are you telling me that a security exploit existed in Unity from 2017 to 2025 and with all the hackers, agents and spies from foreign countries, no one figured out how to use it? I'm not sure I'm buying this story from Unity that they are no cases of this exploit being abused. Maybe no reported cases, but I don't know if they can track this data comprehensively.
 
I have checked the technical details of the exploit... if that's what they said, the gist of it would be this:

The games built with unity can be misused to execute an external unrelated dll (or shared library) using commandline arguments.
How?
By creating a shortcut that executes the game with crafted extra arguments.

In other words, the games themselves aren't dangerous due to this exploit... however, they CAN be misused by an attacker.

In order for this attack to be possible on end-user's device, there should be a harmful dll already present on user's system, and a shortcut should be created (or modified) to run a unity game, and also have those extra args.

This trick is useful for attackers only to activate their malware for the first time.
And honestly they have way easier ways to do so... instead of using such an odd method.

Also, detecting it is pretty easy on multiple levels... from spotting suspicious shortcuts, to endpoint security tools flagging unexpected dll loads (or the malicious dll itself), to platform‑level protections like Steam, Windows Defender, or Play Protect that already mitigate much of this behavior.

Just keep in mind that regardless of danger level of this specific exploit, the danger of being spied or such is always real.
 
JustLooking123 said:
I have checked the technical details of the exploit... if that's what they said, the gist of it would be this:

The games built with unity can be misused to execute an external unrelated dll (or shared library) using commandline arguments.
How?
By creating a shortcut that executes the game with crafted extra arguments.

In other words, the games themselves aren't dangerous due to this exploit... however, they CAN be misused by an attacker.

In order for this attack to be possible on end-user's device, there should be a harmful dll already present on user's system, and a shortcut should be created (or modified) to run a unity game, and also have those extra args.

This trick is useful for attackers only to activate their malware for the first time.
And honestly they have way easier ways to do so... instead of using such an odd method.

Also, detecting it is pretty easy on multiple levels... from spotting suspicious shortcuts, to endpoint security tools flagging unexpected dll loads (or the malicious dll itself), to platform‑level protections like Steam, Windows Defender, or Play Protect that already mitigate much of this behavior.

Just keep in mind that regardless of danger level of this specific exploit, the danger of being spied or such is always real.
Click to expand...
I feel this should be a sticky post on this thread, thank you JL.
 
Beware: There have been no replies in this thread for 90 days.
Keep that in mind when expecting a reply from the people on it,
You can also start a new thread instead. This is just a heads-up, bumping is allowed in this forum.

Users who are viewing this thread

Total: 1 (members: 0, guests: 1)

Connect with us

Support this Site

RGT relies on you to stay afloat. Help covering the site costs and get some pretty Level 7 perks too.

Featured Video

Latest Threads

Favorite Game Music

Hi everyone, hope you are having a grate day/night.
So i just wanted to make this here so we can...
Read more

JRPG With The Best Gameplay?

HAPPY FATHER'S DAY ❤️

JUST WANNA SAY HAPPY FATHER'S DAY TO ALL THE DADS OUT THERE - YEAH I KNOW WE DON'T HEAR IT...
Read more

The S.D. Perry Universe

So... Is there anyone brave enough among us that consumed this literature to give us an opinion...
Read more

They made a Roblox TV show*

*Its not official but... It's still a fun watch, the voice acting is a bit bad, but I could feel...
Read more

Online statistics

Members online
195
Guests online
1,660
Total visitors
1,855
Totals may include hidden visitors.

Forum statistics

Threads
20,387
Messages
515,114
Members
930,085
Latest member
Sxnseii

Members online

... and 155 more.
Total: 1,831 (members: 190, guests: 1,641)

Today's birthdays

Advertisers

Back
Top