ALBAWABA - In a recent revelation, Kaspersky's GReAT team has brought to light a critical security vulnerability exploited in the Operation Triangulation campaign against Apple iPhones. This flaw, identified in the Apple System on a Chip (SoC), has been exploited by attackers to circumvent hardware-based memory protection on iPhones running iOS versions up to iOS 16.6.
The security loophole, potentially tied to a hardware feature designed for testing or debugging, may be rooted in the 'security through obscurity' principle. Following a series of sophisticated attacks, including the initial zero-click iMessage exploit and subsequent privilege escalation, attackers leveraged this hardware feature to override security measures and manipulate protected memory regions.
This significant development prompted Apple to address the issue promptly, assigning it CVE-2023-38606 for identification.
Notably, this undisclosed feature posed a challenge for detection and analysis using conventional security methods. Kaspersky's GReAT researchers embarked on an extensive reverse engineering effort, meticulously scrutinizing the intricate integration of iPhone hardware and software. Their focus homed in on Memory-Mapped I/O (MMIO) addresses, which are crucial for facilitating efficient communication between the CPU and peripheral devices in the system.
The attackers utilized unknown MMIO addresses that were not defined in any documented device range, presenting a formidable challenge. The team delved into various device tree files, source code, core images, and product software, searching for references to these MMIO addresses.
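The analysis step described above, checking whether MMIO addresses touched by a sample fall inside any device range the platform's device description declares, can be scripted. The following is an added example, not Kaspersky's tooling or any Apple data: the device-tree-style `reg` entries and the observed addresses are constructed placeholder values, and the function simply reports which accesses land outside every known device window.

```python
import re

# Constructed device-tree-like snippet: each node declares "reg = <base size>;".
# These bases and sizes are placeholders, not real Apple SoC addresses.
SAMPLE_DEVICE_TREE = """
gpio@210000000 { compatible = "example,gpio"; reg = <0x210000000 0x100000>; };
uart@235200000 { compatible = "example,uart"; reg = <0x235200000 0x4000>; };
dart@24c000000 { compatible = "example,dart"; reg = <0x24c000000 0x10000>; };
"""

# Constructed list of MMIO addresses "observed" in a sample's writes.
SAMPLE_ACCESSES = [0x210000040, 0x235200010, 0x24c00FFF8, 0x270000000, 0x270000008]

NODE_RE = re.compile(r"(\w+@[0-9a-fA-F]+)\s*\{[^}]*?reg\s*=\s*<\s*(0x[0-9a-fA-F]+)\s+(0x[0-9a-fA-F]+)\s*>")


def parse_device_ranges(dts_text):
    """Return {node_name: (base, end_exclusive)} from reg = <base size> entries."""
    ranges = {}
    for name, base, size in NODE_RE.findall(dts_text):
        start = int(base, 16)
        ranges[name] = (start, start + int(size, 16))
    return ranges


def classify_accesses(addresses, ranges):
    """Map each address to the node whose window contains it, or None if unknown."""
    result = {}
    for addr in addresses:
        owner = None
        for name, (start, end) in ranges.items():
            if start <= addr < end:
                owner = name
                break
        result[addr] = owner
    return result


def unknown_mmio(addresses, dts_text):
    """Addresses not covered by any declared device range; these merit manual review."""
    classified = classify_accesses(addresses, parse_device_ranges(dts_text))
    return sorted(a for a, owner in classified.items() if owner is None)


if __name__ == "__main__":
    for addr, owner in classify_accesses(SAMPLE_ACCESSES, parse_device_ranges(SAMPLE_DEVICE_TREE)).items():
        print(f"{addr:#x} -> {owner or 'UNKNOWN (no declared device)'}")
```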
This discovery underscores the complexity of the Operation Triangulation campaign, shedding light on the sophisticated interplay between hardware and software in Apple's iPhones and the inherent challenges in uncovering concealed vulnerabilities.