Re: [FD] Apple’s A17 Pro Chip: Critical Flaw Causes Dual Subsystem Failure & Forensic Log Loss

[josephgoyd via Fulldisclosure <fulldisclosure () seclists org>]

> The device continues to boot without Secure Enclave protections, and the user is not notified.
>
> That silent failure means:
>
> - The iPhone is running in a degraded state with no cryptographic guarantees (Face ID, keybags, encryption root of 
> trust are unavailable).
> - The user believes the device is secure, but in reality, confidentiality and integrity are broken.
> - Because forensic logs are pruned, the failure leaves no traceable evidence, compounding the security risk.
>
> This is what makes it high severity—it’s not just DoS, it’s a stealthy breakdown of the device’s core security model.
>
> On Wed, Sep 10, 2025 at 10:41 PM, Matthew Fernandez < [matthew.fernandez () gmail com](mailto:On Wed, Sep 10, 2025 at 
> 10:41 PM, Matthew Fernandez <<a href=)> wrote:
>
> > On 9/4/25 20:57, Joseph Goydish II via Fulldisclosure wrote:
> > > TITLE:
> > > APPLE'S A17 PRO SILICON FLAW: SHARED I²C4 BUS BETWEEN SECURE ENCLAVE AND DIGITIZER CAUSES CASCADING SYSTEM FAILURE
> > >
> > > …
> > > CONCLUSION:
> > > This is a HIGH-SEVERITY HARDWARE DESIGN FLAW…
> >
> > Can you elaborate on why you consider this high severity? From the
> > description, it sounds as if this behaviour is fail-closed. That is, the
> > effects are limited to DoS, with security properties preserved.
> > _______________________________________________
> > Sent through the Full Disclosure mailing list
> > https://nmap.org/mailman/listinfo/fulldisclosure
> > Web Archives & RSS: https://seclists.org/fulldisclosure/
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/