Notebookcheck Logo

Alarming “Unpatchable” exploit in Apple’s Secure Enclave could put the data of millions of users at risk, per Chinese hackers

Hackers could conceivably leverage the Secure Enclave exploit to steal personal data and biometric info from iOS users (Image source: Panda Security)
Hackers could conceivably leverage the Secure Enclave exploit to steal personal data and biometric info from iOS users (Image source: Panda Security)
According to Pangu Team, a Chinese hacker group, an “unpatchable” exploit has been uncovered for Apple’s Secure Enclave, the co-processor that stores keys for Face ID, Touch ID, and passwords. This potentially puts the personal data and biometric information of millions of iPhone and iPad users at risk.

An alarming report by Chinese hacking group Pangu Team claims that an “unpatchable” exploit has been discovered for Apple’s Secure Enclave chip. If verified, this has serious implications for the data security of millions of iPhone and iPad users. 

Secure Enclave is a co-processor Apple uses to store very sensitive user data, like Face ID maps, that isn’t synced to iCloud. The hardware exploit uncovered by Pangu Team requires a hacker to have physical access to an iPhone or iPad. This is a minor relief, since it rules out remote attacks. 

However, because it’s a hardware exploit, Apple can’t issue a software patch to rectify it. This means that all iPhones from the iPhone 5S onwards, all iPads from the 5th generation as well as all iPad Airs and iPad Pros are at risk. Apart from iPhones and iPads, all Apple Watches, the HomePod, and many Apple TV and newer Mac models are at risk. 

Source(s)

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2020 08 > Alarming “Unpatchable” exploit in Apple’s Secure Enclave could put the data of millions of users at risk, per Chinese hackers
Arjun Krishna Lal, 2020-08- 3 (Update: 2020-08- 3)