The Unity platform is warning developers that the Windows version of its popular game engine contains a vulnerability that could be exploited remotely. Developers who use the engine should update their software immediately.
“By proactively working with internal and external security researchers, a Remote Code Execution flaw in the Editor has been identified, and we have rolled out a critical security patch to the global community,” said Amanda Taggart, Unity’s head of global communications. “Security is paramount at Unity and is enabled by close collaboration with our security partners and customers to provide the most trustworthy software possible. Per our commitment to responsible disclosure, we’re unable to share more details at this time.”
It is unknown whether the vulnerability is being exploited in the wild.