A hacker named Gaasedelen successfully compromised the Xbox One using a voltage glitching technique called 'Bliss,' more than a decade after the console's 2013 release. Unable to use reset glitching, the attacker targeted momentary collapses of the CPU voltage rail, requiring custom hardware introspection tools. The exploit delivers two precisely timed voltage glitches: one bypasses ARM Cortex memory protection setup, and another hijacks a memcpy operation to redirect execution to attacker-controlled data. Because it targets the boot ROM in silicon, the attack is unpatchable and achieves full compromise — enabling unsigned code execution at every level including the Hypervisor, OS, and security processor, allowing decryption of games and firmware.

From schneier.com