Xbox One Exploit Revealed at RE//verse 2026
The Xbox One, originally released in 2013, has until now evaded the fate of its contemporary PS4 and Wii U consoles - i.e. being "hacked" and running unsigned code. But that has finally changed. At the annual RE//verse 2026 conference this year in Orlando Florida, which focuses on reverse engineering, vulnerability research and malware analysis, security researcher Markus Gaasedelen "Doom" showcased a new exploit that has now made running unsigned code possible.
During his talk he discussed some of the prior challenges posed by Xbox One security including hardware-only content decryption keys, three VMs (HostOS, System OS, GameOS), forced updates and fuse revocation. He also discussed how his two pronged exploit known as "Bliss" managed to circumvent these security measures. Voltage glitching of the SOC power rails was utilized to skip two important security steps. The first skips the loop where the ARM Cortex memory protection is setup, the second targets the Memcpy operation which allows for jumping to user controlled data/memory.
The attack is unpatchable as it takes advantage of a hardware vulnerability, but it importantly only applies to the original, or first revision, of the Xbox One (at least for now). A further decryption of firmware, security measures, and understanding of the internals of the Xbox One could potentially reveal vulnerabilities in later revisions - and Doom says he is confident he can port this to the rest of the "Phat" consoles. Stay tuned for more updates.
You can watch the full video of Doom's presentation at RE/verse here:
During his talk he discussed some of the prior challenges posed by Xbox One security including hardware-only content decryption keys, three VMs (HostOS, System OS, GameOS), forced updates and fuse revocation. He also discussed how his two pronged exploit known as "Bliss" managed to circumvent these security measures. Voltage glitching of the SOC power rails was utilized to skip two important security steps. The first skips the loop where the ARM Cortex memory protection is setup, the second targets the Memcpy operation which allows for jumping to user controlled data/memory.
The attack is unpatchable as it takes advantage of a hardware vulnerability, but it importantly only applies to the original, or first revision, of the Xbox One (at least for now). A further decryption of firmware, security measures, and understanding of the internals of the Xbox One could potentially reveal vulnerabilities in later revisions - and Doom says he is confident he can port this to the rest of the "Phat" consoles. Stay tuned for more updates.
You can watch the full video of Doom's presentation at RE/verse here:
