Quick Read
- The ‘Bliss’ exploit uses voltage glitching to bypass Xbox One security loops.
- The hack is unpatchable because it targets the console’s hardware boot ROM.
- Researchers can now decrypt firmware and games, likely accelerating future emulation.
The long-standing reputation of the Xbox One as an unhackable console has officially ended. At the RE//verse 2026 conference, security researcher Markus ‘Doom’ Gaasedelen demonstrated the ‘Bliss’ exploit, a hardware-level attack that bypasses the security measures that have protected the 2013 console for over a decade. By utilizing precise voltage glitching, the exploit allows for the execution of unsigned code at every level of the console, including the hypervisor and the operating system.
The Mechanics of the ‘Bliss’ Hardware Exploit
The success of the Bliss hack relies on a technique known as Voltage Glitch Hacking (VGH). Unlike previous console exploits that targeted software vulnerabilities, Gaasedelen’s approach focuses on the momentary collapse of the CPU voltage rail. By forcing two precise voltage glitches in rapid succession, the attacker can skip critical security loops. Specifically, the first glitch bypasses the ARM Cortex memory protection setup, while the second targets the Memcpy operation during a header read, granting the attacker control over the system’s data flow.
Because this attack targets the boot ROM at the silicon level, Gaasedelen confirmed that the exploit is unpatchable. This represents a total compromise of the Xbox One ecosystem, enabling the decryption of games, firmware, and security processor data. The breakthrough mirrors the historical impact of the Reset Glitch Hack (RGH) on the Xbox 360, but applies to a system that Microsoft engineers once touted as the most secure product in the company’s history.
Implications for Digital Preservation and Modding
The discovery of the Bliss exploit opens new doors for the gaming community, particularly for digital archivists. With the ability to decrypt firmware and OS components, researchers can now access previously locked areas of the Xbox One’s architecture. This level of access is expected to accelerate future emulation efforts, potentially allowing for the preservation of software that would otherwise be lost as official support for the hardware ages.
While the hardware requirements for the exploit are sophisticated, the creation of a dedicated mod chip to automate the electrical glitching process is now a technical possibility. Such a tool would standardize the process, making it accessible beyond the initial research environment. As the industry looks toward the next generation of console hardware, this breach serves as a stark reminder of the limitations of silicon-based security when faced with advanced physical introspection tools.
The Bliss exploit highlights a significant shift in console security, demonstrating that even long-term architectural defenses are susceptible to hardware-level manipulation when researchers are given sufficient time to develop specialized introspection tools.