TL;DR
A security research team named Calif has publicly disclosed the first known local privilege escalation exploit targeting Apple’s M5 chip. Using Anthropic’s Mythos AI, they demonstrated how to gain root access by bypassing hardware-enforced memory protections. The vulnerability was tested on macOS 26.4.1 and raises concerns about hardware security.
Researchers from Calif have publicly disclosed the first known privilege escalation exploit targeting Apple’s M5 chip, successfully bypassing the hardware-enforced Memory Integrity Enforcement (MIE). The discovery highlights a significant security concern for Apple devices using M5 processors, as it allows a standard user to gain root access with minimal effort.
The Calif research team tested their exploit chain on an Apple M5 machine running macOS 26.4.1. They demonstrated that the attack can bypass the MIE security feature, which enforces memory safety at the hardware level by tagging memory slices and verifying read/write operations. This bypass enables an attacker to execute commands with root privileges, potentially compromising system integrity.
The exploit was developed with the aid of Anthropic’s Mythos Preview AI, part of a series called the Month of AI-Discovered Bugs. The researchers confirmed that the attack works in practice and was disclosed to Apple in advance, with the findings now publicly available through detailed blog posts.
Why It Matters
This development is notable because MIE is designed to prevent common classes of vulnerabilities like buffer overflows and use-after-free bugs by enforcing memory safety at the hardware level. The ability to bypass MIE on the M5 chip suggests that even advanced hardware security features can be vulnerable, raising concerns about the overall security of Apple Silicon devices.
While Macs are not typically used as servers, the exploit’s ease of use and potential for full system control make it a significant concern for security researchers and enterprise users. It underscores the importance of ongoing hardware security testing and potential updates from Apple to address this vulnerability.
Multplx Universal Laptop Security Lock | Compatible with All Laptops inc MacBook | 1.7m Anti-Theft Cable | 4 Digit Combination Lock | Cut Resistant Steel Cable
Protect laptops from theft. Designed for laptops with no dedicated lock slot. Alternative to Kensington Locks.
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Background
Apple’s M5 chip, part of the company’s silicon lineup, incorporates Memory Integrity Enforcement (MIE), a hardware feature aimed at preventing memory-based exploits. MIE is based on ARM’s Memory Tagging Extension (MTE) and enforces memory safety checks at the hardware level. Prior to this discovery, MIE was considered a robust security layer, with Apple claiming minimal performance impact.
The Calif research team is known for AI-assisted security research, and their recent work is part of a broader series exploring vulnerabilities uncovered with AI tools. This specific exploit was tested on macOS 26.4.1, an update that includes security enhancements for Apple Silicon devices.
There are no known prior public disclosures of similar exploits on the M5 chip, making this a pioneering discovery. Apple has not yet issued a public response or patch related to this vulnerability.
“This discovery demonstrates that even hardware-enforced memory protections like MIE can be bypassed, highlighting a new frontier in hardware security vulnerabilities.”
— Bruno Ferreira, researcher and writer
“Our exploit chain successfully bypasses MIE on the M5 chip, enabling root access from a standard user account.”
— Calif research team
Kali Linux Bootable USB Flash Drive for PC – Cybersecurity & Ethical Hacking Operating System – Run Live or Install (amd64 + arm64) Full Penetration Testing Toolkit with 600+ Security Tools
Dual USB-A & USB-C Bootable Drive – works on almost any desktop or laptop (Legacy BIOS & UEFI)….
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What Remains Unclear
It remains unclear whether Apple is aware of the vulnerability and whether a patch or firmware update is in development. The long-term security implications for other Apple Silicon chips, such as the A19, are also uncertain. Details about the exploit’s potential for remote or persistent attacks are still emerging, and the full scope of the vulnerability has not been publicly disclosed.
Apple Silicon vulnerability detection software
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What’s Next
Apple has not yet issued a formal response or security update regarding this vulnerability. Researchers and security professionals will likely monitor for any patches or advisories from Apple. Further testing may reveal whether the exploit can be adapted to other Apple Silicon models or if additional mitigations are implemented.
McAfee Total Protection 3-Device 2025 Ready |Security Software Includes Antivirus, Secure VPN, Password Manager, Identity Monitoring | 1 Year Subscription with Auto Renewal
DEVICE SECURITY – Award-winning McAfee antivirus, real-time threat protection, protects your data, phones, laptops, and tablets
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Key Questions
What is the significance of this exploit?
This is the first publicly disclosed privilege escalation exploit on Apple’s M5 chip, capable of bypassing hardware memory protections and gaining root access, which could lead to full system compromise.
Can this exploit be used remotely?
No, the exploit requires running a command locally on the device, so it cannot be executed remotely without user interaction.
Has Apple responded to this discovery?
As of now, Apple has not issued any public statement or security patch addressing this vulnerability.
Will this affect other Apple Silicon chips?
It is currently unknown whether the exploit applies to other chips like the A19 or future models, as the research focused on the M5.
How can users protect their devices?
Until a patch is released, users should follow best security practices, including avoiding running untrusted code and keeping their systems updated when security fixes become available.
