If you click on a link and make a purchase we may receive a small commission. Learn more.

Cyberpunk 2077 devs warn of security vulnerability with mods

External DLL files can be used to execute code on PCs

Cyberpunk 2077 continues to compel me to do the grimace emoji face on a weekly basis. Here's the latest reason to wince: developers CD Projekt Red say that there's a security vulnerability in external DLL files used by the game that means you should be careful while using mods and custom saves with the game.

They put out the warning in a tweet, asking that folks "refrain from using files from unknown sources" until they can fix the issue.

CDPR then shared more details in a statement sent to Eurogamer:

"A group of community members reached out to us to bring up an issue with the external DLL files the game uses. This issue can be potentially used as part of a remote code execution on PCs. We appreciate their input and are working on fixing this as soon as possible. In the meantime, we advise everyone to refrain from using files obtained from unknown sources. Anyone who plans to use mods or custom saves for Cyberpunk 2077 should use caution until we release the aforementioned fix."33

The discovery of the vulnerability is credited to PixelRick, a Cyberpunk modder and one of the creators of the Cyberpunk Save Editor. He explained in a Reddit comment that the vulnerability would allow hackers to take "asset archives and save files" - normally non-executable files - and have them execute code on your machine at the point at which Cyberpunk loads said files. This could theoretically happen without the player knowing, as the game could continue to load the expected mod or saved game as normal afterwards.

Hopefully I haven't butchered that explanation. In short: thing bad, and CD Projekt Red are working to fix it. I'll try not to die from secondhand embarrassment in the meantime.

You're probably best to just avoid mods entirely for now, but once fixed, there are already some great Cyberpunk 2077 mods available.

About the Author

Graham Smith avatar

Graham Smith

Editor-in-chief

Graham is to blame for all this.

Join the Rock Paper Shotgun supporter program

Sign up today and get access to more articles like these, an ad-free reading experience, free gifts, and help us create more great writing about PC games.

See more information

Comments

We love having a friendly, positive and constructive community - you lot are great - and we want to keep it like that. Our main commenting rule is "be excellent to each other". Please see our code of conduct, where you can find out what "be excellent" means. TL;DR? Respect others, think before you post, and be prepared for puns.

More News

Latest Articles