Kaspersky's Global Research and Analysis Team has exposed a previously unknown 'feature' in Apple iPhones that allows attackers to bypass hardware-based memory protection.
Addressed in CVE-2023-38606, which was patched in July 2023, the issue affected iPhones running iOS versions up to 16.6, according to the cybersecurity outfit.
Kaspersky reckons the hardware feature might have been intended for testing or debugging.
The GReAT gang couldn't find any public documentation on it, which meant the attack vector proved tricky to detect and analyze using the team's usual tools.
Researchers had to reverse-engineer the device to track down the vulnerability.
Particular attention was paid to Memory-Mapped IO addresses used for communication between the CPU and other devices.
The problem was that the attackers used unknown MMIO addresses to bypass hardware-based kernel protection.
The team had to pick through the hardware, firmware, and kernel images to work out what was going on.
Kaspersky informed Apple about the exploitation of the hardware feature, which was swiftly mitigated.
As Larin observed, all the hardware protections in the world won't help if somebody leaves in an undocumented something that allows those protections to be bypassed.
'Security through obscurity' just doesn't cut it anymore.
This Cyber News was published on go.theregister.com. Publication date: Thu, 28 Dec 2023 16:13:05 +0000