Login Sign Up

CVE-2023-35856

9.8 CRITICAL
Remote Code Execution Buffer Overflow

📋 TL;DR

This vulnerability allows remote code execution in Mario Kart Wii game clients through a buffer overflow in network packet handling. Attackers can send specially crafted packets to execute arbitrary code on vulnerable game clients. This affects players using the listed game versions in online multiplayer scenarios.

💻 Affected Systems

Products:
  • Nintendo Mario Kart Wii
Versions: RMCP01, RMCE01, RMCJ01, RMCK01
Operating Systems: Wii System Software
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the game client's network packet parsing code.

📦 What is this software?

Mario Kart Wii by Nintendo

View all CVEs affecting Mario Kart Wii →

Mario Kart Wii by Nintendo

View all CVEs affecting Mario Kart Wii →

Mario Kart Wii by Nintendo

View all CVEs affecting Mario Kart Wii →

Mario Kart Wii by Nintendo

View all CVEs affecting Mario Kart Wii →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing attacker to install malware, steal data, or gain persistent access to the victim's machine.

🟠

Likely Case

Game client crashes or arbitrary code execution leading to system compromise during online multiplayer sessions.

🟢

If Mitigated

Limited impact if game is played offline or network traffic is properly filtered.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept code is available on GitHub demonstrating remote code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: N/A

Vendor Advisory: N/A

Restart Required: No

Instructions:

No official patch available from Nintendo as this is a legacy game. Consider community patches or workarounds.

🔧 Temporary Workarounds

Disable Online Multiplayer

all

Prevent exploitation by disabling online multiplayer functionality

Use Community Patches

all

Apply community-developed patches that fix the buffer overflow vulnerability

Follow instructions at: https://github.com/MikeIsAStar/Mario-Kart-Wii-Remote-Code-Execution

🧯 If You Can't Patch

  • Play the game offline only to eliminate network attack vectors
  • Use network filtering to block suspicious Mario Kart Wii network traffic

🔍 How to Verify

Check if Vulnerable:

Check game version in game settings or on disc label for RMCP01, RMCE01, RMCJ01, or RMCK01

Check Version:

Check game disc or in-game version information

Verify Fix Applied:

Verify community patches are applied or confirm game is played offline only

📡 Detection & Monitoring

Log Indicators:

  • Game crash logs with memory corruption errors
  • Unexpected process execution following game crashes

Network Indicators:

  • Unusual network traffic patterns to/from Mario Kart Wii game clients
  • Malformed network packets targeting game port

SIEM Query:

N/A for consumer gaming environments

📊 Metadata

CVE ID: CVE-2023-35856
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-120
Published: June 19, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-35856, you might also want to check these:

CVE-2023-24482 10.0

This CVE describes a critical buffer overflow vulnerability in COMOS software's cache validation ser...

Same vulnerability type (CWE-120)
CVE-2024-22039 10.0

This vulnerability allows unauthenticated remote attackers to execute arbitrary code with root privi...

Same vulnerability type (CWE-120)
CVE-2022-22570 10.0

A buffer overflow vulnerability in UniFi Door Access Reader Lite firmware allows attackers with netw...

Same vulnerability type (CWE-120)