Security News > 2020 > October > Unpatched Apple T2 Chip Flaw Plagues Macs
A researcher is claiming that Apple devices - with a macOS operating system and a T2 security chip - are open to an exploit that could give bad actors root access.
The flaw stems from the T2 chip, which is the second-generation version of Apple's chip that provides bolstered security - including securing its Touch ID feature, as well as providing the foundation for encrypted storage and secure boot capabilities.
Macs sold between 2018 and 2020 have the embedded T2 chip and are affected by this issue.
"Apple left a debugging interface open in the T2 security chip shipping to customers, allowing anyone to enter Device Firmware Update mode without authentication," said Niels H. "An example cable that can be used to perform low-level CPU & T2 debugging is the JTAG/SWD debug cable found on the internet. Using the debug cable requires demotion however to switch it from a production state, which is possible via the checkm8 exploit."
Niels H. said if users suspect that their systems are being tampered with, to use Apple Configurator to reinstall bridgeOS on the T2 chip.