Security researcher Thomas Roth dumps ROM of ACE3 USB-C controller in modern Apple devices


Anthony Bouchard ∙ January 10, 2025

Starting with the iPhone 15 lineup, Apple moved from its proprietary Lightning iPhone connector to the more universally accepted USB-C connector for charging and data transfer. In doing so, Apple also incorporated an all-new USB-C controller chip that had never existed in any other Apple device before it.


Security researcher Thomas Roth, while investigating this USB-C controller, discovered countless interesting things and even managed to successfully dump its firmware. But that’s not all…

To start, the USB-C controller chip appears to be a completely custom chip made by Texas Instruments called the ACE3. It’s a next-generation version of the ACE2 that shipped in earlier Apple devices equipped with USB-C, such as M1- and M2-equipped Macs.

ACE3 is a microcontroller with a full USB stack, and it’s responsible for several important processes, including USB Power Delivery and interfacing directly with the device’s SoC (system on a chip). It’s based on ACE2, but it’s just custom enough that it isn’t yet mapped in any publicly available pinout schematic.

Roth, being the bright security researcher he is, utilized his advanced technical knowledge of reverse engineering, RF side-channel analysis, and electromagnetic fault injection to fully unlock the inner workings of the ACE3. Not only was he able to dump the ROM, but also delve into the functionality of a previously unexplored chip.

Perhaps the most intriguing part of all of this is that by unlocking the secrets of the ACE3, Roth could use a MacBook vulnerability and a custom macOS kernel to backdoor all security mitigations in the SoC on the device. In effect, this meant achieving persistence that survives even full system restores.

Now… I want you to pay particular attention to that last part, because the iPhone 15 lineup and newer also use the ACE3 USB-C controller. Imagine if you could somehow hack that device and then trick the device’s SoC security mitigations into continuously approving that hack, so that it persists even after a reboot or a full system restore.

It’s all speculative at this point, but should a jailbreak ever come out for the iPhone 15 and 16 lineups on the latest firmware, it would be interesting to see if the ACE3 USB-C controller could somehow play a role in enabling persistence (otherwise known as untethered-like functionality) for such a jailbreak.

It’s anyone’s guess at this point, especially considering a jailbreak for these devices isn’t even available, but it definitely raises some optimistic flags. Obviously, dumping the ACE3 USB-C controller in and of itself isn’t enough for making a jailbreak, but it remains to be seen if it could be used to enhance a future one or not.

I would highly recommend giving the presentation above a watch, because this is a particularly fascinating discovery.

In any case, Roth’s achievement in reverse engineering the ACE3 USB-C controller is commendable, and will go on to support security research for a while to come. On the other hand, it will be interesting to see if Apple rushes to come out with an updated and more secure ACE4 USB-C controller on future devices now that the ACE3 has been effectively “figured out.”

What are your thoughts about what Roth was able to do and his findings? Let us know in the comments section down below.
