Tencent finds security vulnerabilities in Apple M1 chip devices and iPhone 12 Pro

Gandalf_The_Grey

Level 43
Verified
Trusted
Content Creator
Apr 24, 2016
3,231
Tencent Xuanwu Labs has successfully breached the latest MacBook equipped with the M1 chip and the iPhone 12 Pro using newly discovered security flaws, according to Tencent Security.

This may be the first publicly available security flaw that can affect Apple M1 chip devices.

Tencent Security said it recently discovered that by exploiting a vulnerability of the M1 chip, it is possible to bypass the system's restrictions on app permissions.

The team demonstrated the upgrade from normal to root privileges on a MacBook using the latest Apple M1 chip.

The version number of the system on the device is macOS Big Sur 11.0.1, the device model is MacBook Air (m1, 2020), and the chip is M1.

Tencent also demonstrated that after disabling an app's access to albums and contacts on iOS, the app can still read the phone's albums and contacts and upload them to the server. The device model is iPhone 12 Pro, iOS 14.2.
Chinese team finds security vulnerabilities in Apple M1 chip devices and iPhone 12 Pro – cnTechPost
 
Top