PsFree Web Exploit: A Vulnerability Affecting PS4 and PS5

Developer CelesteBlue has announced the creation of PsFree, a new web exploit for the PS4 with firmware versions ranging from 6.00 to 9.60. This exploit is already available for pre-release and is also expected to function on PS5 with firmware versions from 1.00 to 5.50.

This exploit is based on CVE-2022-22620, developed by security researchers Sergei Glazunov and Maddie Stone. The initial implementation for PS4/PS5 was performed by community member “abc” on the PlayStation Devwiki Discord forum, with further enhancements and realization carried out by CelesteBlue.

Additionally, CelesteBlue has unveiled QuickHEN PS4, a comprehensive toolkit that will include all necessary web exploits for PS4 with firmware versions from 3.15 to 9.60, as well as kernel exploits for supported firmware.

It is important to note that at the time of publication, PsFree is a very recent release still undergoing testing within the hacker community. Results are not guaranteed. If you are not prepared for uncertainty, it may be prudent to wait until the situation stabilizes, as bug fixes are likely to emerge soon. Testers have reported issues with the current release.

PsFree is an exploit for PS4 with firmware versions from 6.00 to 9.60 and PS5 from 1.00 to 5.50. It allows for the limited running of unsigned code on the console. While theoretically it can be used to launch homemade games, in practice, such exploits are typically used as entry points for privilege escalation.

Publicly available exploits exist for PS4 (up to firmware 9.00) and PS5 (up to firmware 4.51). This web exploit could replace an existing exploit by offering a more stable implementation or serve as an entry point in the future.

Although the official download link from CelesteBlue has not yet been published, the PsFree exploit is already available on popular Discord servers and Twitter. Nevertheless, it should be noted that the current version may not be the final one, and users have reported encountering issues.

To test the PsFree exploit, one can navigate to https://zecoxao.github.io/psfree/ in the web browser of PS4 or PS5. You can also host the exploit yourself, following the instructions on the relevant resources.

Source: wololo