PS5 Game Exploit Could Unlock Jailbreaks Up to Firmware 12.00

In a significant development for the PlayStation 5 hacking community, a new vulnerability has been uncovered in the game The Last of Us Part II Remastered. The exploit yields arbitrary code execution inside the game's process and works on PS5 firmware versions up to and including 12.00. Renowned developer TheFloW, known for previous contributions to the PS5 scene including the initial 5.50 kernel exploit, publicly demonstrated the issue in a video posted on X (formerly Twitter). The discovery has sparked optimism that it could pave the way for broader jailbreak capabilities, since a large portion of PS5 users are still on relatively recent firmware.

Background on PS5 Jailbreaking

The PS5 jailbreak landscape has evolved steadily since the console’s launch in late 2020. Early efforts focused on lower firmware versions, with a full jailbreak—combining userland and kernel-level access—achieved for versions up to 8.00. This allowed users to run custom code, homebrew applications, and backups. However, Sony’s frequent firmware updates have left many users on higher versions, such as 9.xx, 10.xx, 11.xx, and now 12.00, without viable public exploits.

On higher firmwares, jailbreaks have been limited to userland-only solutions, which provide code execution within the sandbox of a game or application but lack the kernel privileges needed for system-wide modifications. Kernel exploits, which are essential for full control, including persistent changes and broad homebrew compatibility, remain scarce for post-8.00 firmwares. The new game-based exploit does not close that kernel gap on its own; what it supplies is a reliable userland entry point on firmwares that previously had none.

Technical Details of the Exploit

The vulnerability resides within The Last of Us Part II Remastered, the PS5 edition of Naughty Dog's acclaimed title. TheFloW's demonstration shows a buffer overflow in the game's code that lets whoever controls the game's input data overwrite memory and execute arbitrary instructions. This class of flaw is a classic in native game code: typically a length or count read from a file or message is trusted and copied into a fixed-size buffer without being checked against that buffer's size.
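
What that bug class looks like in code, as an added example that is not the game's code and not from TheFloW's demonstration (the article gives no details of the actual flaw): a toy record parser for a constructed save-file format, in a vulnerable form that trusts an in-file length field, beside a bounds-checked form. The struct layout, the byte strings and the function names are all assumptions made for this illustration.

```c
/*
 * Added example, not code from the article or from the game. It shows the bug
 * class the article describes: a fixed-size field filled from a length taken
 * out of the game's own data, with no check against the destination size.
 * Record layout, field names and byte strings are constructed for this example.
 */
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX 16

struct player_record {
    char     name[NAME_MAX];   /* destination of the copy */
    uint32_t health;           /* adjacent in memory: clobbered by an overrun */
    uint32_t flags;
};

/* Constructed file format: [u32 LE health][u32 LE flags][u8 name_len][name_len bytes] */
static uint32_t rd32le(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Vulnerable: only the *source* buffer is bounds-checked, never the destination,
 * so a name_len above NAME_MAX writes straight past rec->name into rec->health. */
int parse_record_vulnerable(const uint8_t *buf, size_t len, struct player_record *rec)
{
    if (len < 9) return -1;
    size_t name_len = buf[8];
    if (len < 9 + name_len) return -1;              /* input bound only */
    rec->health = rd32le(buf);
    rec->flags  = rd32le(buf + 4);
    uint8_t *dst = (uint8_t *)rec + offsetof(struct player_record, name);
    for (size_t i = 0; i < name_len; i++)           /* no comparison against NAME_MAX */
        dst[i] = buf[9 + i];
    return 0;
}

/* Hardened: name_len is checked against the destination (leaving room for a NUL)
 * before any byte is copied, the input check is written so the arithmetic cannot
 * overflow, and rec is only written on success, never left half-filled. */
int parse_record_checked(const uint8_t *buf, size_t len, struct player_record *rec)
{
    struct player_record tmp;
    if (len < 9) return -1;
    size_t name_len = buf[8];
    if (name_len >= NAME_MAX) return -1;            /* destination bound */
    if (len - 9 < name_len) return -1;              /* source bound */
    memset(&tmp, 0, sizeof tmp);
    tmp.health = rd32le(buf);
    tmp.flags  = rd32le(buf + 4);
    memcpy(tmp.name, buf + 9, name_len);
    tmp.name[name_len] = '\0';
    *rec = tmp;
    return 0;
}

/* Constructed well-formed record: health 100, flags 3, name "Ellie". */
static const uint8_t GOOD[] = {
    0x64, 0x00, 0x00, 0x00,  0x03, 0x00, 0x00, 0x00,
    0x05, 'E', 'l', 'l', 'i', 'e'
};

/* Constructed crafted record: health 100, flags 0, but name_len 20. Sixteen 'A'
 * fill the name field; the four bytes after it land on rec->health. */
static const uint8_t EVIL[] = {
    0x64, 0x00, 0x00, 0x00,  0x00, 0x00, 0x00, 0x00,
    0x14,
    'A','A','A','A','A','A','A','A','A','A','A','A','A','A','A','A',
    0xEF, 0xBE, 0xAD, 0xDE
};

/* Health seen after the vulnerable parser handles EVIL: 0xDEADBEEF on a
 * little-endian machine, not the 100 the file's health field declares. */
uint32_t vulnerable_health_after_evil(void)
{
    struct player_record rec;
    memset(&rec, 0, sizeof rec);
    if (parse_record_vulnerable(EVIL, sizeof EVIL, &rec) != 0) return 0;
    return rec.health;
}

/* The checked parser's return code on EVIL: -1, nothing is written. */
int checked_rc_on_evil(void)
{
    struct player_record rec;
    memset(&rec, 0, sizeof rec);
    return parse_record_checked(EVIL, sizeof EVIL, &rec);
}

/* Health after the checked parser handles GOOD: 100, as the file declares. */
uint32_t checked_health_on_good(void)
{
    struct player_record rec;
    if (parse_record_checked(GOOD, sizeof GOOD, &rec) != 0) return 0;
    return rec.health;
}

int main(void)
{
    printf("vulnerable parser, crafted record: health = 0x%08x\n", vulnerable_health_after_evil());
    printf("checked parser,    crafted record: rc = %d\n", checked_rc_on_evil());
    printf("checked parser,    good record:    health = %u\n", checked_health_on_good());
    return 0;
}
```

The vulnerable parser is not careless about bounds in general; it does check that the source buffer holds name_len bytes, which is exactly the kind of check that reads as "validated" in review while the destination size goes unchecked. In a real game the field after the name would more likely be a pointer or a vtable reference than a health counter, which is what turns an overrun like this into the arbitrary code execution the article describes.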

Key characteristics include:

  • Firmware Compatibility: Works reliably from early PS5 firmwares up to the latest 12.00 release, covering the majority of active consoles.
  • Execution Method: Triggered during normal gameplay, requiring ownership of the game. No additional hardware or complex setup is needed beyond standard PS5 operation.
  • Proof-of-Concept: TheFloW’s video illustrates successful code execution, displaying a custom message on screen, confirming control over the userland environment.

While userland exploits alone do not grant full system access, they serve as a critical foundation. In the PS5 ecosystem, chaining a userland entry with a kernel vulnerability—such as those explored in prior research—could yield a complete jailbreak. The broad firmware support makes this particularly promising, as it aligns with potential kernel exploits that may emerge for mid-to-high versions.

Implications for the PS5 Homebrew Scene

This exploit arrives at a pivotal moment. With PS5 adoption widespread and Sony pushing updates aggressively, many users who hope to jailbreak hold off on updating. A 12.00-compatible solution would dramatically expand the modifiable user base, enabling features like:

  • Staying on an exploitable firmware rather than updating.
  • Homebrew loaders for emulators, cheats, and media servers.
  • Backup and piracy tools, though the community emphasizes legitimate uses like preservation and modding.

TheFloW’s track record adds credibility. His past work, including the WebKit exploit and kernel ROP chains, has directly led to public jailbreaks. Community figures have hailed the find, with discussions on forums like PSX-Scene and Reddit’s r/PS5Homebrew buzzing about next steps.

However, challenges remain. Sony could patch the exploit via a firmware update or a game patch, which is why the scene urges users not to update either. Game-specific exploits also require purchasing or otherwise obtaining the title, limiting accessibility compared to browser-based methods. Moreover, developing a full chain demands meticulous reverse engineering to ensure stability across the supported firmware range and console revisions.

Community Response and Future Outlook

Reactions within the hacking community have been overwhelmingly positive. TheFloW’s announcement prompted immediate shares and analyses, with speculation on kernel chaining. No full public jailbreak has been released yet, but historical patterns suggest rapid progress once userland reliability is confirmed.

For users on firmware 12.00 or below, this serves as a reminder to inventory digital libraries for exploitable titles. Developers are encouraged to test and document the flaw responsibly, adhering to ethical disclosure practices.

As the PS5 enters its fifth year, exploits like this underscore the cat-and-mouse game between Sony and the modding scene. While Sony invests in security enhancements, such as improved memory protections and signed code requirements, talented researchers continue to find paths forward.

This breakthrough positions the PS5 jailbreak scene for potential expansion, bringing advanced customization closer to mainstream users without necessitating firmware downgrades.

Gnoppix is the leading open-source AI Linux distribution and service provider. Since implementing AI in 2022, it has offered a fast, powerful, secure, and privacy-respecting open-source OS with both local and remote AI capabilities. The local AI operates offline, ensuring no data ever leaves your computer. Based on Debian Linux, Gnoppix is available with numerous privacy- and anonymity-enabled services free of charge.

What are your thoughts on this? I’d love to hear about your own experiences in the comments below.