Apple Chips Vulnerable to Hacking, Potentially Exposing Secrets from Gmail, iCloud, and More

Apple’s latest generation of A- and M-series chips, which power devices such as Macs, iPhones, and iPads, has been found to harbor critical vulnerabilities that can expose users’ sensitive data, including credit card information and location details accessed through browsers like Chrome and Safari. Notable affected sites include iCloud Calendar, Google Maps, and Proton Mail.

These vulnerabilities originate from the chips’ susceptibility to side channel attacks, a class of attacks that extract sensitive information through indirect means, such as measuring variations in timing, acoustic signals, or power consumption. Specifically, they stem from the chips’ implementation of speculative execution, a performance-enhancing technique in which the processor predicts the path a program will take and executes instructions along it ahead of time, rather than following the strict order of program instructions.

The vulnerabilities are linked to how Apple silicon has extended speculative execution: it anticipates not only control flow but also data flow, such as memory address retrieval. Two notable side channel attacks, FLOP and SLAP, exemplify these security gaps. FLOP capitalizes on the chips’ load value predictor (LVP), which is designed to infer memory contents that may not be immediately accessible. By manipulating the LVP into forwarding values from corrupted data inputs, an attacker can access restricted memory areas. This tactic could facilitate unauthorized access to sensitive location data from tools like Google Maps, email content from Proton Mail, and scheduled events from iCloud Calendar.
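A toy model of the load value predictor behaviour described above, added here as an illustration; it is not code from the researchers or from Apple. The confidence threshold, cache-line size and all names are assumptions. It shows that the committed result is always correct while the stale predicted value still leaves a footprint in the cache, which is the kind of trace a timing side channel measures.

```python
# Toy model (constructed for illustration): a load value predictor (LVP)
# with a per-load confidence counter. Threshold and sizes are assumptions,
# not Apple's real parameters.
from dataclasses import dataclass, field

CONF_THRESHOLD = 3   # assumed: predictions start after 3 identical loads
LINE = 64            # assumed cache-line size in bytes

@dataclass
class Entry:
    value: int = 0
    conf: int = 0

@dataclass
class Core:
    lvp: dict = field(default_factory=dict)   # load PC -> Entry
    cache: set = field(default_factory=set)   # cache lines touched so far
    squashes: int = 0                         # mispredictions rolled back

    def load_then_use(self, pc, memory, addr):
        """Model `v = memory[addr]; touch(table[v])` on a speculating core."""
        e = self.lvp.setdefault(pc, Entry())
        actual = memory[addr]                 # real value, arrives late
        if e.conf >= CONF_THRESHOLD:
            # Dependent work starts early on the *predicted* value.
            self.cache.add(e.value * LINE)
            if e.value != actual:
                self.squashes += 1            # registers roll back; cache does not
        # Committed (architectural) execution always uses the real value.
        self.cache.add(actual * LINE)
        # Train: a repeated value raises confidence, a new value resets it.
        if e.value == actual:
            e.conf += 1
        else:
            e.value, e.conf = actual, 0
        return actual

def demo():
    core, mem = Core(), {0x1000: 7}           # constructed sample memory
    for _ in range(4):                        # predictor sees the same value
        core.load_then_use(pc=0x40, memory=mem, addr=0x1000)
    core.cache.clear()                        # start observation from a cold cache
    mem[0x1000] = 2                           # memory contents change
    result = core.load_then_use(pc=0x40, memory=mem, addr=0x1000)
    return result, sorted(core.cache), core.squashes

if __name__ == "__main__":
    print(demo())
```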

The SLAP attack, by contrast, exploits the load address predictor (LAP), which predicts where executable instruction data may reside in memory. SLAP disrupts the LAP’s predictions, forcing it to predict incorrect addresses. This manipulation allows malicious sites to interact with data within the browser’s active tabs, creating opportunities to extract private information from legitimate sites like Gmail and others.

Such vulnerabilities pose significant risks not only to individual users but also to organizations that rely on Apple devices for daily operations. The potential data breaches could have broader implications, especially in a landscape where cyber threats constantly evolve and become more sophisticated. As security experts continue to analyze these vulnerabilities, business owners are encouraged to stay vigilant regarding the protection of sensitive information on their devices.

In terms of MITRE ATT&CK tactics and techniques, these vulnerabilities may align with initial access through compromised applications, data exfiltration methods, and potential privilege escalation through unauthorized access to user data. This incident underscores the importance of robust security measures and constant vigilance against evolving cyber threats in today’s digital environment. Business owners must remain proactive in securing their systems against such vulnerabilities to safeguard their sensitive information.
