Counter-Strike 2 has a serious security flaw, players point out


Recently, the community discovered a serious security flaw in Counter-Strike 2 (CS2) that allowed attacks on players from their IPs. The failure raised a huge alarm among players and, apparently, Valve managed to fix the error, but did not disclose it publicly.

According to reports on Reddit and X (Twitter), the problem allowed one person to have access to all IPs of players in the lobby. This flaw is quite serious, as IPs are normally camouflaged to protect players from invasion.

Through this, bad actors were running code on other people’s machines through “Panorama Elements” from the map workshop. CS2forcing actions on the person’s profile, such as modifying a photo and deleting an item from the inventory, and generating several problems for the affected player.

In this case, a ban would be the least of the problems, as the flaw also allows spyware to be injected into victims’ computers. The “luck” is that this flaw was mostly used to mess up other people’s profiles on CS2as cheaters were changing their profile photo and nickname for images of adult content of players streaming to force bans – something easier to reverse than an attempted PC hack.

🛒Buy the GeForce RTX 4060 at the best price!

🛒Buy the Radeon RX 7600 at the best price!

Valve fix

Apparently Valve fixed the problem quietly overnight last Monday, December 11th, without revealing anything to the community. According to the Gabe Follower profile, the developers disabled the main cause of this problem: the “Custom Panorama Elements”, which are now restricted and prevent free access to customizations.