Researchers from a group named Calif have identified a critical security flaw in Apple M5 chips. The vulnerability allows standard users to escalate privileges and gain root access on affected devices. This exploit successfully bypasses Memory Integrity Enforcement, a key hardware-level security feature designed to protect memory integrity.
New security flaw allows standard users to gain root access via memory bypass
The Calif team discovered the issue on an Apple M5 machine running macOS 26.4.1. The attack targets MIE, a system that uses 4-bit tags to monitor memory slices on M5 and A19 chips. The researchers utilized Anthropic's Claude Mythos Preview AI tool to aid in the discovery and development of the exploit code.

The Calif team disclosed the vulnerability to Apple in advance rather than releasing it as a zero-day exploit. This disclosure is part of a broader research initiative called the Month of AI-Discovered Bugs. The group claims to be the only ones publicly disclosing this specific issue, although they acknowledge uncertainty regarding the exclusivity of this claim.
This finding highlights the growing role of artificial intelligence in modern cybersecurity research. The use of Claude Mythos Preview demonstrates how AI tools can assist in identifying complex hardware-level vulnerabilities. The incident underscores the importance of robust security measures in Apple silicon architecture as new chips enter the market.




Discussion
0 comments
Log in to join the thread with a thoughtful take, question, or correction.