Dark Souls RCE Exploit Discovered, Also Works In Elden Ring

Bandai Namco has taken down PC servers for Dark Souls, following the discovery of an Remote Code Execution (RCE) exploit that would also work in Elden Ring due to their shared architecture.

According to the Elden Ring subreddit, the exploit basically allows anyone you match with in PvP to start running programs on your computer, which can be anything from stealing your private information to turning your rig into a glorified bitcoin mine.

A big problem with this is also in how PvP interactions work in Dark Souls- thanks to the series invasion systems, people can join your games without any kind of prompt as long as you’re playing online.

A representative from Bandai Namco confirmed being aware of the RCE exploit in Dark Souls, and the next day the series’ Twitter announced that PVP servers on PC would be taken down pending an investigation into the fix.

“PvP servers for Dark Souls 3, Dark Souls 2, and Dark Souls: Remastered have been temporarily deactivated to allow the team to investigate recent reports of an issue with online services. Servers for Dark Souls: PtDE will join them shortly”, the tweet reads.

Due to the RCE exploit only being on PC though, console versions of the game are unaffected.

The discovery of the exploit is timely, since due to the shared architecture of the games it means it absolutely would exist in the upcoming Elden Ring.

Considering modders were able to solve the problem via the Blue Sentinel mod, it sounds like a fix should be relatively easy to implement via a day 1 patch, so don’t worry about this possibly incurring another delay for Elden Ring.