RCE via Game Pass: Thousands of PCs Hacked Through Call of Duty
Remote exploits turn Call of Duty into a battlefield for cyberattacks.
Remote exploits turn Call of Duty into a battlefield for cyberattacks.
Gamers beware: if you're planning to play Call of Duty: WWII on PC via Game Pass, proceed with caution. A serious remote code execution (RCE) vulnerability has surfaced — one that allows hackers to execute arbitrary commands on another player’s system. While the first warnings appeared just hours ago, some users claim this flaw has existed for years.
Call of Duty: WWII was added to the Game Pass catalog on June 30, joining a lineup of classic CoD titles. More entries are expected to follow soon, but if this threat remains unresolved, player interest may plummet rapidly.
Remote Code Execution (RCE) vulnerabilities are among the most dangerous in cybersecurity, enabling attackers to run malicious code on victims’ systems. This can lead to data theft, malware installation, and even full system compromise. Despite years of security updates and anti-cheat solutions, RCE threats still persist in 2025.
On July 2, ten Call of Duty titles were temporarily taken offline for maintenance, including CoD: WWII. It remains unclear whether the vulnerability has been patched. Judging by social media posts, however, the threat appears ongoing.
Players have begun sharing chilling stories and screenshots. One user described how a pornographic website suddenly opened on his second monitor mid-game. Another, a popular streamer known as BAMS, reported being forcibly disconnected from the network using his own gamertag.
As of now, Activision has not issued an official statement. The scale of the vulnerability and the company’s response remain unknown. If the situation isn’t addressed quickly, enthusiasm for the Game Pass CoD collection could fade just as fast as it rose.
