Back to Blog
Imac pro 2018 unfixable6/22/2023 ![]() However, he says Apple's limitations on building code at runtime mean that the company could find exploit attempts if it subjected App Store submissions to static analysis. ![]() Martin suggests that exploitation on iOS could be used to defeat privacy protections, noting that a malicious keyboard app might be able to function as a keylogger by sending typed text to another malicious app that could then forward the info to the internet. The M1 flaw affects macOS Big Sur, Linux v5.13+, and iOS/iPadOS, via the A14 chip, which according to Martin shares the same vulnerability. Apple, he says, was informed of the bug 90 days before he released his findings and issued a CVE-2021-30747 in response. Martin has published a proof-of-concept script to demonstrate how to read and write data to the overly talkative system register and a proof-of-concept script for setting up a covert channel on an M1 system.
0 Comments
Read More
Leave a Reply. |