What’s the switch 2 modding status?

[TurtTide55]

Hi! What is the switch 2 modding status currently? Have we got anywhere closer to running custom firmware yet outside of the custom graphic like 2 months ago? I swear we need the encryption keys which so bad! Is no one even trying to mod the switch 2 anymore?

 

[ihaveahax]

There is currently nothing. I'm sure some people are trying behind the scenes, but there is no guarantee when, or even if, a vulnerability would be found.

I made a post about why the Switch 2 may not be hacked anytime soon, if ever: https://blog.ihaveahax.net/2025/06/03/more-details-on-why-the-nintendo-switch-2-may-not-be-hacked/
Software-wise is pretty much a non-starter. Hardware might possibly work, but there are more advanced protections in-place to resist hardware attacks and modchips, so it will take a long time, if anything happens.

 

[FernandoRocker]

The "custom graphic" was nothing. It was expected behavior. Just a party trick.

 

[Marc_LFD]

You're gonna need to be patient, like years patient.

 

[RyanTheArchivist]

The "custom graphic" was nothing. It was expected behavior. Just a party trick.

Yeah ROP stuff like that is basically useless unless they've got a kernel exploit to go with it. ROP exploits are nothing special.

 

[morrisseyshair]

It took one year for the Switch 1 to get hacked and that was only due to Nvidia's hardware mistake. So even if the Switch 2 gets hacked it's going to take years and that's after Nintendo learned from the Switch 1.

 

[RyanTheArchivist]

It took one year for the Switch 1 to get hacked and that was only due to Nvidia's hardware mistake. So even if the Switch 2 gets hacked it's going to take years and that's after Nintendo learned from the Switch 1.

I mean the last known kernel exploit in HOS was like.... firmware 7.X and it went widely ignored due to it being on such an early firmware.

 

[wurstpistole]

None

 

[Ondrashek06]

Hi! What is the switch 2 modding status currently? Have we got anywhere closer to running custom firmware yet outside of the custom graphic like 2 months ago? I swear we need the encryption keys which so bad! Is no one even trying to mod the switch 2 anymore?

No exploit, not even with a modchip. Only speculation so far.

 

[Kai_98]

I tend to think that there haven't been any kernal exploits found in HOS because people really haven't been looking for them. What's the point in even looking if you already have a perfectly good entry point and there's like 15 million exploitable consoles out there anyways? And for anyone who REALLY wants a hacked Lite, V2, or OLED, the mod chips exist. Switch 1 hacking has been nothing but accessible, and accessibility inheritly breeds laziness when it comes to finding exploits. We haven't NEEDED another exploit in the Switch 1, so another one hasn't been found.

The PS4 has been different because after some time passes, getting your hands on a 9.00 firmware PS4 becomes difficult, so every so often, a refresh is necessary due to the overall demand. Even then, there wasn't much movement in the scene since an entry point still did exist on older firmwares.

Considering the Switch 2 doesn't have any real points of entry yet, I tend to believe that an exploit will be found within the first year and a half (remember this is Nintendo we're talking about, their track record with keeping consoles secure is utter garbage). And when an exploit is found, release of it is probably going to be limited until more consoles are out in the wild. Why release an exploit that only applies to 3 million systems, when you could wait and release it when it applies to 10+ million systems?

There's also very little to do on the Switch 2 right now (in terms of games), and there probably won't be much to do on it for at least a year or two, so I imagine that'll also play a major role.

 

[FernandoRocker]

I tend to think that there haven't been any kernal exploits found in HOS because people really haven't been looking for them. What's the point in even looking if you already have a perfectly good entry point and there's like 15 million exploitable consoles out there anyways? And for anyone who REALLY wants a hacked Lite, V2, or OLED, the mod chips exist. Switch 1 hacking has been nothing but accessible, and accessibility inheritly breeds laziness when it comes to finding exploits. We haven't NEEDED another exploit in the Switch 1, so another one hasn't been found.

The PS4 has been different because after some time passes, getting your hands on a 9.00 firmware PS4 becomes difficult, so every so often, a refresh is necessary due to the overall demand. Even then, there wasn't much movement in the scene since an entry point still did exist on older firmwares.

Considering the Switch 2 doesn't have any real points of entry yet, I tend to believe that an exploit will be found within the first year and a half (remember this is Nintendo we're talking about, their track record with keeping consoles secure is utter garbage). And when an exploit is found, release of it is probably going to be limited until more consoles are out in the wild. Why release an exploit that only applies to 3 million systems, when you could wait and release it when it applies to 10+ million systems?

There's also very little to do on the Switch 2 right now (in terms of games), and there probably won't be much to do on it for at least a year or two, so I imagine that'll also play a major role.

SciresM already did the work of analyzing the software on the Switch 1, every piece single of the kernel, and didn't found a single entry point. SciresM already said that HorizonOS is exploit-free.

Believe it or not, but Nintendo pretty much did an unhackable software, and it was all Nvidia and the design of the well-documented Tegra X1 the responsible of the exploits.

Switch 2 is still using HorizonOS, so no entry points via software. And I'm pretty sure Nvidia won't make the same mistake twice.

 

[The Real Jdbye]

SciresM already did the work of analyzing the software on the Switch 1, every piece single of the kernel, and didn't found a single entry point. SciresM already said that HorizonOS is exploit-free.

Believe it or not, but Nintendo pretty much did an unhackable software, and it was all Nvidia and the design of the well-documented Tegra X1 the responsible of the exploits.

Switch 2 is still using HorizonOS, so no entry points via software. And I'm pretty sure Nvidia won't make the same mistake twice.

SciresM this, SciresM that. How about everybody stops taking a single person for his word and does their own research instead? He's not perfect, he can miss things just like anybody else.

 

[ertaboy356b]

I tend to think that there haven't been any kernal exploits found in HOS because people really haven't been looking for them. What's the point in even looking if you already have a perfectly good entry point and there's like 15 million exploitable consoles out there anyways? And for anyone who REALLY wants a hacked Lite, V2, or OLED, the mod chips exist. Switch 1 hacking has been nothing but accessible, and accessibility inheritly breeds laziness when it comes to finding exploits. We haven't NEEDED another exploit in the Switch 1, so another one hasn't been found.

The PS4 has been different because after some time passes, getting your hands on a 9.00 firmware PS4 becomes difficult, so every so often, a refresh is necessary due to the overall demand. Even then, there wasn't much movement in the scene since an entry point still did exist on older firmwares.

Considering the Switch 2 doesn't have any real points of entry yet, I tend to believe that an exploit will be found within the first year and a half (remember this is Nintendo we're talking about, their track record with keeping consoles secure is utter garbage). And when an exploit is found, release of it is probably going to be limited until more consoles are out in the wild. Why release an exploit that only applies to 3 million systems, when you could wait and release it when it applies to 10+ million systems?

There's also very little to do on the Switch 2 right now (in terms of games), and there probably won't be much to do on it for at least a year or two, so I imagine that'll also play a major role.

Horizon OS is using a microservice design, in that, codes are extremely miniscule per module and mistakes are not easy to overlook. Every piece of the OS is probably thoroughly reviewed and tested. The way I see it, any exploits found in the future will be coming from software not fully written by Nintendo like the Webkit browser or some android-based modules like the touchscreen or flaw in the bluetooth driver, etc. With games being extremely virtualized and sandboxed, I doubt we will see another Cubic Ninja type exploit.

 

[Renos44]

Horizon OS is using a microservice design, in that, codes are extremely miniscule per module and mistakes are not easy to overlook. Every piece of the OS is probably thoroughly reviewed and tested. The way I see it, any exploits found in the future will be coming from software not fully written by Nintendo like the Webkit browser or some android-based modules like the touchscreen or flaw in the bluetooth driver, etc. With games being extremely virtualized and sandboxed, I doubt we will see another Cubic Ninja type exploit.

Even the webkit browser is heavily sandboxed like games are on top of being severely handicapped. From what I understand you can still get some webkits exploits going on the switch but unlike the ps4 they don't get you anywhere, But lets assume you do find a way to escape the sandbox. This time around you have to deal with a custom security processor that just functions on assuming the entire system is compromised to begin with. So like collatoral damgage on the xbox. "Yay we have a kernal exploit that really can't do anything and gets quickly fixed"

SciresM this, SciresM that. How about everybody stops taking a single person for his word and does their own research instead? He's not perfect, he can miss things just like anybody else.

Multiple people have done the same thing and come to the exact same conclusion, It's SciresM is the msot notable seeing as there the one who has spent the last few years pubically reverse engineering the entire thing while making the only CFW,

 

[FernandoRocker]

SciresM this, SciresM that. How about everybody stops taking a single person for his word and does their own research instead? He's not perfect, he can miss things just like anybody else.

You sound like an antivaxxer.

 

[[Truth]]

You sound like an antivaxxer.

Yeah, let´s discredit the guy who rewrote the entire Switch Kernel, because I did my own "research" aka installed some homebrew on my devices.

 

[The Real Jdbye]

Yeah, let´s discredit the guy who rewrote the entire Switch Kernel, because I did my own "research" aka installed some homebrew on my devices.

Everybody treats his word like it's the Bible or something. If everybody thinks like that, nobody is going to bother looking for exploits. And that's a problem.

As a developer myself I know how often a fresh pair of eyes can spot issues that I missed.

 

[[Truth]]

Everybody treats his word like it's the Bible or something. If everybody thinks like that, nobody is going to bother looking for exploits. And that's a problem.

As a developer myself I know how often a fresh pair of eyes can spot issues that I missed.

It’s not like he isn‘t in exchange with other people.
But the quality discussion takes place at other places, not gbatemp.
If you think your fresh pair of eyes can contribute something go to the ReSwitched discord.

 

[Marc_LFD]

You sound like an antivaxxer.

That's got to be a joke.

 

[Yorchus]

There is currently nothing. I'm sure some people are trying behind the scenes, but there is no guarantee when, or even if, a vulnerability would be found.

I made a post about why the Switch 2 may not be hacked anytime soon, if ever:
Software-wise is pretty much a non-starter. Hardware might possibly work, but there are more advanced protections in-place to resist hardware attacks and modchips, so it will take a long time, if anything happens.

They said it couldn't be done...