CyberHappenings logo

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Code Execution Vulnerability in Unity Game Engine Affects Multiple Platforms

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

A code execution vulnerability in the Unity game engine (CVE-2025-59489) allows arbitrary code execution on Android and privilege escalation on Windows. The flaw affects games built with Unity versions since 2017.1. Steam and Microsoft have issued warnings and patches to mitigate the risk. The vulnerability enables malicious apps on Android to execute code with the privileges of the target game. On Windows, macOS, and Linux, similar exploitation paths exist. Unity has released patches for supported versions, but older unsupported versions remain vulnerable.

Timeline

  1. 06.10.2025 16:56 1 articles · 13h ago

    Unity Game Engine Vulnerability (CVE-2025-59489) Disclosed

    A code execution vulnerability in the Unity game engine (CVE-2025-59489) was discovered in May 2025. The flaw affects games built with Unity versions since 2017.1 and allows arbitrary code execution on Android and privilege escalation on Windows. Steam and Microsoft have issued warnings and patches to mitigate the risk. Unity has released fixes for supported versions, but older unsupported versions remain vulnerable.

    Show sources

Information Snippets