Security Researchers Discover 47 Vulnerabilities in Apple's A18 Pro Chip Used in MacBook Neo and iPhone 16 Pro
Key Takeaways
- ▸47 confirmed vulnerabilities identified in Apple A18 Pro chip, including 5 critical and 8 high-severity issues affecting kernel, drivers, coprocessors, and userspace
- ▸Critical vulnerability (V-047) in AppleJPEGDriver allows kernel panics from unprivileged processes; high-severity issues enable WiFi hijacking and kernel hangs requiring forced reboots
- ▸Findings directly applicable to both MacBook Neo and iPhone 16 Pro due to identical silicon; 42 kernel extensions shared between iOS and macOS enable cross-platform vulnerability assessment
Summary
A comprehensive security research initiative has identified 47 confirmed vulnerabilities across Apple's A18 Pro chip, which powers both the MacBook Neo laptop and iPhone 16 Pro devices. The research, conducted on Apple's authorized Security Research Device (SRD) program, spans kernel, driver, coprocessor, and userspace services, with severity ratings ranging from critical to low. Among the most significant findings is a critical vulnerability (V-047) in AppleJPEGDriver that can trigger kernel panics from unprivileged processes, alongside high-severity issues including kernel-level panics via AMFI UserClient and unprivileged DNS/WiFi hijacking through networksetup confused deputy vulnerabilities.
The 729+ completed research tasks across 36+ phases have produced 6 formal security reports, with 4 already submitted to Apple and 2 pending submission. The research leverages sophisticated firmware analysis techniques, including a breakthrough in MT7932 WiFi firmware symbolication that revealed 3,312 entries enabling direct source-file mapping. The cross-platform nature of the work—with 42 kernel extensions shared between macOS and iOS—means vulnerabilities discovered on Mac have direct applicability to iPhone security, making this research particularly consequential for Apple's broader ecosystem.
- Research produced 6 formal security reports with coordinated disclosure process underway; sophisticated firmware analysis breakthrough enables direct source-file mapping for improved vulnerability triage
Editorial Opinion
This large-scale vulnerability disclosure represents a significant security audit of Apple's latest silicon across its premium product lines. While the existence of vulnerabilities is not unusual in complex systems, the breadth and severity of findings—particularly the critical AppleJPEGDriver panic and the kernel log exposure survey affecting 30+ subsystems—suggest potential gaps in Apple's internal security verification processes. The coordinated disclosure approach and Apple's SRD program demonstrate responsible vulnerability handling, but the sheer number of kernel-level issues warrants careful attention to patch deployment timelines, especially given the iPhone 16 Pro's widespread user base.
