A month after Elden Ring, details for the recent Dark Souls RCE exploit has been shared by discoverer

sportskeeda.com:

Bandai Namco had to shut down the online services for the Dark Souls series for their PC players. They announced in early February that the servers would remain suspended and would not resume "until after the release of Elden Ring."

It has been nearly two months since they went down, and one of the discoverers has finally shared details of the exploit online.

The hack was discovered in January 2022 and affected the system security of those who play Dark Souls 3 online. The RCE exploit can give the hacker complete control of the victim's PC.

FromSoft had to shut down the PvP servers soon after for the DS series without stating when they would be restored.

The report on the exploit has been shared for public viewing on GitHub. It contains both the proof of concept code and documentation for the exploits that affected the DS online components. Along with Dark Souls 3, the document also provides a list of games that are affected by the same issue:

According to the post, the exploit is not a peer-to-peer networking issue but related to the matchmaking server. Given that Dark Souls 3 still has a significant player base, the developers had to quickly address the problem with the launch of Elden Ring looming ahead.

The document mentions that the person made FromSoftware aware of the issue with the initial report but did not receive a response. They then decided to showcase their knowledge of the matter publicly "in the hopes of raising attention to have it addressed by the developers."

The report stated that the network test of Elden Ring was affected by this, but the release version was free of any such vulnerabilities. It mentioned that:

It further contended:

The report's publishing allows players a peek at the workings of the issue