Is Apple no longer secure? A serious security vulnerability has been discovered in Apple products!

Even though recent innovations from Apple, the brand we know from the iPhone, have been met with some backlash, its strongest feature has always been security. With its hardware-based boot chain and frequent software updates, Apple was a brand synonymous with security. However, it has recently begun to encounter serious security problems. The newly revealed usbliter8 vulnerability and other hardware-level flaws have raised concerns that even Apple devices may have security vulnerabilities.



Cybersecurity firm Paradigm Shift has revealed an exploit called usbliter8 present in Apple's A12 and A13 chips. Researchers explain that during the device's boot process, the controller accepts very small USB packets and writes them to a memory buffer. By sending abnormally small packets, an attacker can cause the memory address pointer to advance backward, writing data to protected areas. This flaw is found within SecureROM;

So, can this flaw be fixed with a software update? No, because the first code that runs when the iPhone boots up is etched into the hardware, so any software update is ineffective. The only real solution is to switch to a new device.



According to Paradigm Shift, there's nothing to worry about because usbliter8 doesn't directly affect the Secure Enclave. The Secure Enclave is a separate coprocessor that stores passwords and biometric keys. However, a compromised BootROM could open up new ways to attack it. Several sources, including 9to5Mac and Applesfera, state that the exploit requires connecting to a specific device and is unlikely to affect ordinary users.

usbliter8 isn't the only hardware problem Apple faces. Researchers at the University of Illinois Urbana-Champaign and the University of Maryland have identified a side-channel attack called GoFetch on Apple's M-series. GoFetch uses the data memory-dependent prefetch unit (DMP) to observe memory accesses to secret data during cryptographic operations. Unlike usbliter8, GoFetch requires the malicious code to run on the same CPU core, and this risk can be mitigated by using fixed-time execution or updated cryptographic libraries.



Not all Apple security vulnerabilities are unpatchable. Turkish security researcher Ali Yavuz discovered a vulnerability in Apple's inter-process communication library, libxpc. While analyzing the xpc framework, Yavuz revealed that its memory management behavior allowed an application to arbitrarily execute code outside its sandbox or with elevated privileges. Apple assigned the bug the ID CVE-2024-0258 and thanked Yavuz on its security website. The company patched the issue in iOS 17.4, iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4, and watchOS 10.4.