A security researcher has successfully hacked Apple’s proprietary ACE3 USB-C controller, exposing users to potential risks such as unauthorized data access and device manipulation. The vulnerability was discovered by Thomas Roth through reverse-engineering the controller’s firmware and communication protocols.
Roth exploited a weakness in the controller’s implementation of insufficient safeguards, allowing him to gain low-level access through specially crafted USB-C cables or devices. This compromised the controller, enabling it to emulate trusted accessories and perform actions without user consent.
The implications of this hack are significant, as the ACE3’s integration with internal systems raises concerns about untethered jailbreaks and persistent firmware implants capable of compromising the main operating system.
While Apple has not yet addressed the issue or provided a timeline for a fix, users are advised to remain cautious. Hackers could potentially exploit the vulnerability to intercept sensitive information during data transfers or execute malicious commands by bypassing security protocols.
The lack of immediate action from Apple and the complexity of the hack may lead some to question its severity. However, it is essential to note that malicious actors will likely attempt to exploit this methodology in the future, making user awareness and vigilance crucial in protecting device security.
Source: https://siliconangle.com/2025/01/12/apple-devices-risk-security-researcher-successfully-hacks-ace3-usb-c-controller