Cyberpunk 2077 security vulnerability exposed that leaves PCs open to malicious code; CDPR promises a quick turnaround for a fix
CDPR may have just released a hotfix for Cyberpunk 2077, but another troubling problem has emerged for the game. In a statement on Twitter, CDPR acknowledged that Cyberpunk 2077 currently has a vulnerability that exposes PCs to malicious code. The statement is as follows:
If you plan to use @CyberpunkGame mods/custom saves on PC, use caution. We've been made aware of a vulnerability in external DLL files the game uses which can be used to execute code on PCs. Issue will be fixed ASAP. For now, please refrain from using files from unknown sources.
According to a detailed post on Reddit, Cyberpunk 2077 were warned of the vulnerability over a week ago and before the release of Hotfix 1.11. While CDPR has not specified what these external DLL files are, the same post explains that these are files or dependencies that Cyberpunk 2077 requires to run, rather than files of a third-party tool.
Currently, we would recommend avoiding using mods and custom saves in Cyberpunk 2077 until CDPR addresses the vulnerability. However, there is a fix of sorts courtesy of Cyberpunk Engine Tweaks. Supposedly, the latest version of the tool patches the vulnerability, although we cannot confirm this. You can read the release notes for the latest Cyberpunk Engine Tweaks revision here.