Call of Duty: WWII Game Pass PC Hit by Critical RCE Exploit, Players Warned to Stay Away

Exercise caution if you’re planning to play Call of Duty: WWII via Game Pass on PC. Users have begun reporting a critical vulnerability that allows hackers to remotely execute commands on another player’s computer. Although the first warnings surfaced only a few hours ago, some players claim the issue has existed for years.

Call of Duty: WWII was added to the Game Pass catalog on June 30 as the latest installment in the franchise lineup. Additional titles are expected to follow soon, but this resurgence in popularity may prove short-lived if the threat remains unresolved.

Remote Code Execution (RCE) vulnerabilities enable malicious actors to gain unauthorized access to another player’s system and execute arbitrary code. This can lead to data theft, system compromise, or the installation of malware. Despite ongoing efforts by developers and the presence of anti-cheat systems, RCE exploits continue to plague the series—even in 2025.

On July 2, ten Call of Duty titles were temporarily taken offline for maintenance, including Call of Duty: WWII. It remains unclear whether the vulnerability has been addressed in the latest updates, but judging by user reports on social media, the issue persists.

Players have been posting screenshots and accounts of alarming incidents. One user described how, during gameplay, an explicit website suddenly opened on their second monitor. Another player, a popular content creator known as BAMS, reported being disconnected from the network via his own gamer tag—an indication that the exploit may already be in active use.

At the time of publication, Activision has not issued an official statement. The scope of the vulnerability and the extent of the company’s response remain uncertain. Should the situation continue unaddressed, enthusiasm for the classic Call of Duty entries on Game Pass may fade swiftly.