Game Exploit: Hackers Can Take Over Your PC via Marvel Rivals
2025-02-03

A security researcher discovered a Remote Code Execution (RCE) exploit in Marvel Rivals. Attackers on the same Wi-Fi network can execute arbitrary code on other players' PCs. The vulnerability stems from the game's use of RCE for patching, without verifying server connections, and running with admin privileges. This allows for potential remote takeover of PCs. The researcher highlights the need for game developers to prioritize security, implement robust bug reporting systems, and establish bug bounty programs to incentivize vulnerability disclosure.