Notebookcheck Logo

Alarming “Unpatchable” exploit in Apple’s Secure Enclave could put the data of millions of users at risk, per Chinese hackers

Hackers could conceivably leverage the Secure Enclave exploit to steal personal data and biometric info from iOS users (Image source: Panda Security)
Hackers could conceivably leverage the Secure Enclave exploit to steal personal data and biometric info from iOS users (Image source: Panda Security)
According to Pangu Team, a Chinese hacker group, an “unpatchable” exploit has been uncovered for Apple’s Secure Enclave, the co-processor that stores keys for Face ID, Touch ID, and passwords. This potentially puts the personal data and biometric information of millions of iPhone and iPad users at risk.
Apple iOS iPhone iPad Pro Security

An alarming report by Chinese hacking group Pangu Team claims that an “unpatchable” exploit has been discovered for Apple’s Secure Enclave chip. If verified, this has serious implications for the data security of millions of iPhone and iPad users. 

Secure Enclave is a co-processor Apple uses to store very sensitive user data, like Face ID maps, that isn’t synced to iCloud. The hardware exploit uncovered by Pangu Team requires a hacker to have physical access to an iPhone or iPad. This is a minor relief, since it rules out remote attacks. 

However, because it’s a hardware exploit, Apple can’t issue a software patch to rectify it. This means that all iPhones from the iPhone 5S onwards, all iPads from the 5th generation as well as all iPad Airs and iPad Pros are at risk. Apart from iPhones and iPads, all Apple Watches, the HomePod, and many Apple TV and newer Mac models are at risk. 

Source(s)

Gizmochina 

Related Articles

Hackers stole nearly 1TB of sensitive data (Image source: Panda Security)
Data breach at Electronic Arts sees source code for the Frostbite engine fall into the hands of hackers 06/12/2021
Cybersecurity experts from all over the world tried to hack Morpheus for 2 months to no avail. (Image Source: umich.edu)
World's best 500+ cybersecurity experts fail to hack the Morpheus processor 03/06/2021
Experts remain unsure about the extent of the damage caused by the cyber attack (Image source: Panda Security)
Alleged Russian cyber attack allegedly exposed US deep state secrets through "Orion" data breach 12/18/2020
A new rumour suggests that there will be no October hardware event to mark the unveiling of the first ARM-powered MacBooks. (Image source: Notebookcheck)
Leaker claims that Apple may not have a Special Event planned for its first ARM MacBooks 08/11/2020
Apple is rumoured to be launching four iPhone 12 models next month. (Image source: EverythingApplePro)
Leaked details reveal the prices, battery sizes and storage capacities of the Apple iPhone 12 series 08/11/2020
The A14 Bionic is expected to offer substantial performance improvements over the A13 Bionic. (Image source: EveryhingApplePro)
Apple's 5 nm A14 Bionic chipset will apparently set new performance standards 08/10/2020
A new leak has revealed the schedule for Apple's September online event. (Image source: Apple)
Leak reveals Apple's September online event schedule with new iPad, Watch Series 6, iPhone 12 series, AirTags and AirPower all in tow 08/10/2020
Over 20GB of confidential design data and files were stolen from Intel in a security breach (Image source: Panda Security)
Hackers steal over 20GB of confidential design data from Intel in massive data breach 08/07/2020
The 27-inch iMac looks the same, but it has received multiple upgrades internally. (Image source: Apple)
Apple refreshes the 27-inch iMac; 21.5-inch iMac and iMac Pro upgraded too 08/05/2020
Facebook apparently has a data hemorrhage. (Source: Facebook)
Over 260 million Facebook profiles have been found to be on sale on hacker forums 04/23/2020
Mr. Smashy's hacking module (Image source: @THESMASHY)
Pi Zero-based WiFi hacking module created 12/30/2019
GoToMeeting's security issues may have been prevented by timely reporting. (Source: GoToMeeting)
GoToMeeting is found to be potentially susceptible to hacking 11/12/2019
VLC is a popular open source and cross-platform media player with over 3 billion downloads since 2005.
PSA: Update your copy of VLC to avoid allowing hackers full control of your computer when opening video files 06/24/2019
static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
.170
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2020 08 > Alarming “Unpatchable” exploit in Apple’s Secure Enclave could put the data of millions of users at risk, per Chinese hackers
Arjun Krishna Lal, 2020-08- 3 (Update: 2020-08- 3)