Microsoft's Xbox One, which has been regarded as a console that is difficult to hack since its 2013 release, is facing questions about potential security weaknesses after a hardware hacking method using voltage fluctuations was disclosed.

Online media outlet Gigazine reported on March 18 that security researcher Markus Doom Gaasedelen (마커스 둠 가스델렌) revealed a new Xbox One hacking method dubbed Bliss at RE//verse 2026, a vulnerability research conference.

The Xbox One has touted a robust security system and was praised by Microsoft engineers during development as the company's most secure product, but the presentation has brought down the security myth it had maintained.

Technically, the Bliss hack uses a sophisticated approach that disrupts security routines by inducing a momentary collapse of the CPU voltage rail rather than the system reset pin. Gaasedelen developed new hardware observation tools to overcome the inability to directly view the internal structure and, using them, succeeded in applying two precise voltage glitches in succession.

The first glitch makes the system skip an ARM Cortex memory protection configuration loop. The second glitch manipulates a memcpy operation while reading a header, causing the system to jump to attacker-controlled data. Because the attack directly targets the silicon-level boot ROM, it is assessed as unpatchable through Microsoft software updates.

As a result of the hack, unsigned arbitrary code execution is allowed across all layers, including the hypervisor and operating system. With access secured to the core Security Processor, it also opens a path to decrypt game software as well as firmware and the entire operating system. This means digital archivists gain new permission to access internal Xbox One data beyond simply controlling the device, and it raises the possibility of leading to work such as developing high-performance emulators or producing modchips.

The hacking method applies only to early Xbox One models released in 2013. Later revisions, including the Xbox One S and Xbox One X, as well as next-generation devices such as the Xbox Series X·S, are outside the impact range of the hack. Executing the hack also requires skilled hardware modification work, including soldering a microcontroller directly to the motherboard and removing some existing capacitors to secure an appropriate voltage.

Gaasedelen made clear the research was not aimed simply at illegal game copying or downloads. He said he has not played games at all in recent years and did not come back to hack the Xbox One to download games illegally. He added he is more interested in whether others can reproduce his results and find beneficial ways to use them in the security research field.

The announcement is causing a major ripple in the industry because it shows the collapse of defenses of the Xbox One, which had been called the pinnacle of console security. Although the vulnerability is limited to older devices, it is expected to serve as an important reference for future next-generation console security designs because it exposes fundamental limits in hardware security design.