Alarming “Unpatchable” exploit in Apple’s Secure Enclave could put the data of millions of users at risk, per Chinese hackers

Hackers could conceivably leverage the Secure Enclave exploit to steal personal data and biometric info from iOS users (Image source: Panda Security)

According to Pangu Team, a Chinese hacker group, an “unpatchable” exploit has been uncovered for Apple’s Secure Enclave, the co-processor that stores keys for Face ID, Touch ID, and passwords. This potentially puts the personal data and biometric information of millions of iPhone and iPad users at risk.

Arjun Krishna Lal, Published 08/03/2020

An alarming report by Chinese hacking group Pangu Team claims that an “unpatchable” exploit has been discovered for Apple’s Secure Enclave chip. If verified, this has serious implications for the data security of millions of iPhone and iPad users.

Secure Enclave is a co-processor Apple uses to store very sensitive user data, like Face ID maps, that isn’t synced to iCloud. The hardware exploit uncovered by Pangu Team requires a hacker to have physical access to an iPhone or iPad. This is a minor relief, since it rules out remote attacks.

However, because it’s a hardware exploit, Apple can’t issue a software patch to rectify it. This means that all iPhones from the iPhone 5S onwards, all iPads from the 5th generation as well as all iPad Airs and iPad Pros are at risk. Apart from iPhones and iPads, all Apple Watches, the HomePod, and many Apple TV and newer Mac models are at risk.

Source(s)

Gizmochina

Hackers stole nearly 1TB of sensitive data (Image source: Panda Security)

Data breach at Electronic Arts sees source code for the Frostbite engine fall into the hands of hackers 06/12/2021

Cybersecurity experts from all over the world tried to hack Morpheus for 2 months to no avail. (Image Source: umich.edu)

World's best 500+ cybersecurity experts fail to hack the Morpheus processor 03/06/2021

Experts remain unsure about the extent of the damage caused by the cyber attack (Image source: Panda Security)

Alleged Russian cyber attack allegedly exposed US deep state secrets through "Orion" data breach 12/18/2020

A new rumour suggests that there will be no October hardware event to mark the unveiling of the first ARM-powered MacBooks. (Image source: Notebookcheck)

Leaker claims that Apple may not have a Special Event planned for its first ARM MacBooks 08/11/2020

Apple is rumoured to be launching four iPhone 12 models next month. (Image source: EverythingApplePro)

Leaked details reveal the prices, battery sizes and storage capacities of the Apple iPhone 12 series 08/11/2020

The A14 Bionic is expected to offer substantial performance improvements over the A13 Bionic. (Image source: EveryhingApplePro)

Apple's 5 nm A14 Bionic chipset will apparently set new performance standards 08/10/2020

A new leak has revealed the schedule for Apple's September online event. (Image source: Apple)

Leak reveals Apple's September online event schedule with new iPad, Watch Series 6, iPhone 12 series, AirTags and AirPower all in tow 08/10/2020

Over 20GB of confidential design data and files were stolen from Intel in a security breach (Image source: Panda Security)

Hackers steal over 20GB of confidential design data from Intel in massive data breach 08/07/2020

The 27-inch iMac looks the same, but it has received multiple upgrades internally. (Image source: Apple)

Apple refreshes the 27-inch iMac; 21.5-inch iMac and iMac Pro upgraded too 08/05/2020

Facebook apparently has a data hemorrhage. (Source: Facebook)

Over 260 million Facebook profiles have been found to be on sale on hacker forums 04/23/2020

Mr. Smashy's hacking module (Image source: @THESMASHY)

Pi Zero-based WiFi hacking module created 12/30/2019

GoToMeeting's security issues may have been prevented by timely reporting. (Source: GoToMeeting)

GoToMeeting is found to be potentially susceptible to hacking 11/12/2019

VLC is a popular open source and cross-platform media player with over 3 billion downloads since 2005.

PSA: Update your copy of VLC to avoid allowing hackers full control of your computer when opening video files 06/24/2019

Read all 1 comments / answer

Loading Comments

Comment on this article

AMD embarrasses Intel with Ryzen 7 ...

256-bit Hardware AES encryption on ...

Arjun Krishna - Tech Writer - 623 articles published on Notebookcheck since 2019

I've had a passion for PC gaming since 1996, when I watched my dad score frags in Quake as a 1 year-old. I've gone on to become a Penguin-published author and tech journalist. Apart from working as an editor at Notebookcheck, I write for outlets including TechSpot and Gamingbolt. I’m the Director of Content at Flying V Group, one of the top 5 digital marketing agencies in Orange County. When I'm not traveling the world, gathering stories for my next book, you can find me tinkering with my PC.

contact me via: Facebook, LinkedIn

Please share our article, every link counts!