San Francisco: A new exploit has allegedly been found in Apple’s Secure Enclave chip putting the data of iPhone, iPad, Mac users at risk.
Chinese hackers from the Pangu Team claim to have found an unfixable vulnerability that could lead to breaking the encryption of private security keys, reports 9to5Mac.
The Secure Enclave is a security coprocessor included with almost every Apple device and the company encrypts all the data on an iPhone, iPad, Mac, Apple Watch, and other devices with “random private keys”. The Secure Enclave chip is the only thing that can access all these keys to decrypt the data.
The chip also stores keys for passwords, the credit card for Apple Pay, and even biometric data for Touch ID and Face ID.
This new security flaw is present in all the devices running chips between A7 and A11 Bionic. However, Apple has already fixed the exploit in A12 and A13 bionic chips so newer devices are safe.
Back in 2017, a group of hackers was able to decrypt the Secure Enclave firmware to explore how the component works, but they were unable to gain access to the private keys, so there wasn’t any risk to users.