TheFlow has done it again--a new kernel exploit has been released for PlayStation 4 consoles. This latest exploit is called PPPwn, and works on PlayStation 4 systems up to official firmware 11.00, with support for 9.00 as well. The exploit was known about for months, and was eventually patched by Sony in a PS4 firmware update for 11.02, after TheFlow reported the vulnerability on HackerOne.

PPPwn is a kernel remote code execution exploit for PlayStation 4 upto FW 11.00. This is a proof-of-concept exploit for CVE-2006-4304 that was reported responsibly to PlayStation.

Supported versions are:

• FW 9.00
• FW 11.00
• more can be added (PRs are welcome)

The exploit only prints PPPwned on your PS4 as a proof-of-concept. In order to launch Mira or similar homebrew enablers, the stage2.bin payload needs to be adapted.

The GitHub repository is available linked below, with instructions and further details about the exploit. You can also find important information regarding all PlayStation 4 exploits in the GBAtemp PS4 Exploit Guide.

Decided to publish PPPwn early. The first PlayStation 4 Kernel RCE. Supporting FWs upto 11.00.https://t.co/INayQSp8fL pic.twitter.com/xhj2jepsY7

— Andy Nguyen (@theflow0) April 30, 2024

Source

PlayStation 4 Exploit Guide

 

[LoggerMan]

I wish I kept my PS4 Pro and on a low firmware. But oh well, I'll play all these games in retirement, if I'm not dead or a hobo.