Panda Software said that proof-of-concept code already exists that exploits this flaw and works on all versions of PSP firmware that can view TIFF files.
"The vulnerability is particularly dangerous as it could be exploited through malicious code programmed for this purpose or even directly by hackers," said Luis Corrons, director of PandaLabs.
Last year, PandaLabs detected the Format.A and Tahen Trojans that were designed to target the PSP and could delete files and even render the console unusable.
"It is highly recommended not to install software on consoles that does not come from reliable sources, and before doing so it is advisable to scan it first with an updated antivirus solution," said Corrons.
"Similarly, external communication by USB, IrDA or Wi-Fi should not be established with untrustworthy consoles or computers that could transfer unwanted information."
Eleven 'normal' outer moons, and one described as 'oddball' found circling Jupiter
Scientific discovery has found a quadrillion tonnes of diamonds in the earth's mantle
Mobile payment app makes users' details public by default
2,400 signatures gathered against the development and production of lethal robots