Xbox One Finally Hacked More Than a Decade After Release via Unpatchable Voltage Glitch
The Bliss exploit uses two precisely timed voltage glitches to compromise the boot ROM in silicon and load unsigned code at every level
The Xbox One was widely considered one of the most secure consumer electronics devices ever made, with Microsoft's layered security architecture resisting all previous hacking attempts. Traditional reset glitching techniques that had worked on earlier consoles proved ineffective against the Xbox One's defences.
Gaasedelen's breakthrough came through targeting the CPU voltage rail rather than the reset pin. The challenge was formidable because the researcher could not see into the Xbox One's internal state, requiring the development of entirely new hardware introspection tools.
The Bliss exploit works by delivering two voltage glitches in rapid succession. The first skips the loop where ARM Cortex memory protection is configured. The second targets the Memcpy operation during the header read, allowing a jump to attacker-controlled data.
As a hardware attack against the boot ROM burned into silicon, the vulnerability cannot be patched by any software update. The exploit provides complete access to the console including the Hypervisor, operating system, and security processor, enabling decryption of games, firmware, and other protected content.
Analysis
Why This Matters
This is one of the most technically impressive console hacks in gaming history. The fact that it required over a decade of effort and entirely novel hardware tools speaks to the quality of Microsoft's original security design.
Background
Console hacking has a long history stretching back to modchips for the original PlayStation. Each generation has brought more sophisticated security, but determined researchers have eventually cracked every major console.
Key Perspectives
From a security research perspective, the Bliss exploit demonstrates that hardware-level attacks remain viable even against well-designed systems. The technique of voltage glitching has implications beyond gaming for any device that relies on secure boot processes.
What to Watch
Whether the homebrew and preservation communities adopt the technique widely, and whether Microsoft applies lessons learned to future hardware designs.