A security bug has been found on the PlayStation Now cloud gaming Windows application which has allowed malicious actors to put arbitrary code on Windows devices which are running vulnerable app versions. PlayStation Now has over 2.2 million subscribers in 2020, with this bug potentially harming a large number of users.
A bug bounty hunter, Parsia Hakimian, uncovered the vulnerabilities, discovering that the bug affects PlayStation Now version 11.0.2 and earlier on computers running Windows 7 SP1 or later. Hakimian reported the bug on May 13, 2020, using PlayStation’s official bug bounty program powered by HackerOne. PlayStation addressed the bug at the time and tagged the bug as ‘Resolved’ on June 25th, 2020, a month later.