The bug is difficult to exploit, and is consequently described as 'potentially' worrying. It typically requires the target to load a doctored 'saved game' from a USB stick. "The PS3 filter system of the SpeicherDaten (DienstProgramm) module does not recognize special characters and does not provide any kind of input restrictions," reported Vulnerability Lab. "Attackers can manipulate the .sfo file of a save game to execute system specific commands or inject malicious persistent script code."
If successful, it warned, it "can result in persistent but local system command executions, PSN session hijacking, persistent phishing attacks, external redirect out of the vulnerable module, stable persistent save game preview listing context manipulation."
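To make the missing input check concrete, here is an added example (not code from Sony, Vulnerability Lab or this article): it builds a constructed PARAM.SFO-style save header, parses the string fields back out, and flags any title containing markup or shell metacharacters before it would reach a preview listing. The field layout follows the public PSF format; the set of characters a save-game title should be allowed to contain is an assumption.

```python
import struct

PSF_MAGIC = b"\x00PSF"
UTF8_NUL = 0x0204  # PSF data_fmt for a NUL-terminated UTF-8 string
# Assumed allowlist policy: a save title is plain printable text, never
# markup or shell metacharacters.
FORBIDDEN = set('<>"\'`;|&$(){}')

def build_sfo(fields):
    """Construct a minimal PARAM.SFO blob (constructed test data, string entries only)."""
    keys = b"".join(k.encode("ascii") + b"\x00" for k in fields)
    index, data, key_off = b"", b"", 0
    for k, v in fields.items():
        raw = v.encode("utf-8") + b"\x00"
        padded = raw + b"\x00" * ((4 - len(raw) % 4) % 4)   # data table is 4-byte aligned
        index += struct.pack("<HHIII", key_off, UTF8_NUL, len(raw), len(padded), len(data))
        key_off += len(k) + 1
        data += padded
    key_start = 20 + len(index)                               # 20-byte header, 16-byte index entries
    keys_padded = keys + b"\x00" * ((4 - len(keys) % 4) % 4)
    data_start = key_start + len(keys_padded)
    header = struct.pack("<4sIIII", PSF_MAGIC, 0x0101, key_start, data_start, len(fields))
    return header + index + keys_padded + data

def parse_sfo(blob):
    """Return {key: value} for the string entries of a PSF blob."""
    magic, _ver, key_start, data_start, n = struct.unpack_from("<4sIIII", blob, 0)
    if magic != PSF_MAGIC:
        raise ValueError("not a PSF file")
    out = {}
    for i in range(n):
        key_off, fmt, dlen, _dmax, doff = struct.unpack_from("<HHIII", blob, 20 + 16 * i)
        key_end = blob.index(b"\x00", key_start + key_off)
        key = blob[key_start + key_off:key_end].decode("ascii")
        if fmt == UTF8_NUL:
            val = blob[data_start + doff:data_start + doff + dlen]
            out[key] = val.rstrip(b"\x00").decode("utf-8", "replace")
    return out

def unsafe_chars(text):
    """Characters in text that the assumed title policy rejects."""
    return sorted(c for c in set(text) if c in FORBIDDEN or not c.isprintable())

def check_save(blob):
    """Parse a save's metadata and report which fields violate the policy."""
    fields = parse_sfo(blob)
    bad = {k: unsafe_chars(v) for k, v in fields.items() if unsafe_chars(v)}
    return fields, bad
```

A module that renders the title into a listing would refuse (or escape) any save for which `check_save` returns a non-empty second value; the article's point is that the PS3 module applied no such restriction.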
But Christopher Boyd, senior threat researcher with ThreatTrack Security, doesn't think PS3 gamers need worry too much. He told The Register that a successful attack would require multiple steps, each of which could cause alarm. First the attacker would need to 'resign' malicious saves and store them on a free file host (red flag 1), or post them to a dedicated gaming site "which can smell a rogue a mile away" (red flag 2). Alternatively, the attacker would need local access to the PS3 (red flag 3) in order to load a game save from a USB stick.
"One might ask," said Boyd, "why doing all of the above to phish somebody (for example) is worth it when simply sending an in-game phish link would be simpler."
But Paco Hope, principal consultant at Cigital, has a different view. He sees it as a warning of the threats to come with the increasing use of embedded devices. Luckily, he suggests, this is a bug (in the code) rather than a flaw (in the design). "Fix that code and the problem goes away," he said. "What it highlights, though, is the impact of bugs and flaws in the embedded device industry."
Had it been a flaw, things would have been different. "Backward compatibility would need to be maintained for unpatched devices, and a gradual roll-out of a big change could require more than one firmware upgrade, so Sony is surely glad that this was a bug and not a flaw."