"Unpatched Apple T2 Chip Flaw Plagues Macs"
An independent researcher has discovered that Apple devices with a macOS operating system and a T2 security chip are open to an exploit that could give bad actors root access. The flaw stems from the T2 chip and has not been fixed yet by Apple. Macs sold between 2018 and 2020 are affected by this issue. An adversary would need physical access to the device to exploit the flaw. After an adversary was able to gain root access, the adversary could perform a wide range of capabilities. Some of the capabilities include brute-forcing FireVault2 volume passwords (FireVault is Appleās implementation of encrypting data on macOS and Mac hardware), altering the macOS installation, and loading arbitrary kernel extensions.
Threatpost reports: "Unpatched Apple T2 Chip Flaw Plagues Macs"