According to a tweet from the Polish video game developer, PC players should exercise caution when using mods because of “a vulnerability in external DLL files the game uses which can be used to execute code on PCs”.
“Issue will be fixed ASAP. For now, please refrain from using files from unknown sources,” said the developer. It had initially released official modding tools and support for Cyberpunk 2077 last week.
Check out the tweet below.
If you plan to use @CyberpunkGame mods/custom saves on PC, use caution. We've been made aware of a vulnerability in external DLL files the game uses which can be used to execute code on PCs. Issue will be fixed ASAP. For now, please refrain from using files from unknown sources.
— CD PROJEKT RED CS (@CDPRED_Support) February 2, 2021
CDPR further explained the nature of the security threat in a statement to EuroGamer. The developer noted that the issue was first highlighted by a group of community members and that the development team is working on a fix.
“In the meantime, we advise everyone to refrain from using files obtained from unknown sources. Anyone who plans to use mods or custom saves for Cyberpunk 2077 should use caution until we release the aforementioned fix,” it added.
The official modkit – which currently features Metadata, ArchiveDump, TweakDump and TweakDB IDs – will be “continuously updated” as more patches are released for Cyberpunk 2077 in order to “ensure compatibility”, CDPR said last week.
The official modkit was introduced days after the game received its latest update, Patch 1.1. While the patch was designed to improve the game’s stability, it also introduced another game-breaking bug.
The bug makes it unable for players to progress past the Down In The Street mission. While CDPR works on a permanent fix for the bug, it has shared tips on a short-term workaround.