Bymsoftnews 2 min read

New BootROM Flaw Leaves A12 and A13 Devices Open to Permanent Exploitation

Security researchers disclosed usbliter8, an unpatchable vulnerability in Apple's SecureROM that grants arbitrary code execution on A12 and A13 hardware.

New BootROM Flaw Leaves A12 and A13 Devices Open to Permanent Exploitation

*Security researchers disclosed usbliter8, an unpatchable vulnerability in Apple's SecureROM that grants arbitrary code execution on A12 and A13 hardware.*

The disclosure

Paradigm Shift published technical details and a working proof-of-concept for usbliter8 on June 18. The exploit targets the BootROM, or SecureROM, the immutable first-stage code that runs when an Apple device powers on.

Because the code resides in hardware, the flaw cannot be corrected through software updates. Affected devices remain exposed for their entire service life.

Scope of the issue

The vulnerability resides in the USB controller present in A12 and A13 chips. It affects the iPhone XS, XS Max, XR, and the entire iPhone 11 series. Several iPad models and Apple Watch units that use the S4 and S5 chips are also impacted.

The attack achieves arbitrary code execution during the boot process. It follows the same pattern as checkm8, the 2019 exploit that covered devices from the iPhone 4S through the iPhone X.

Technical background

SecureROM is written once at manufacture and stored in read-only memory on the SoC. Any bug found there is permanent. usbliter8 takes advantage of a flaw in the USB boot path that the chip uses before the operating system loads.

The researchers released both the write-up and functional code, confirming the issue on production hardware. No mitigation path exists for owners of the listed models.

Why it matters

Owners of A12 and A13 devices now face a fixed attack surface that software patches cannot close. For most users the practical risk remains low in daily use, yet the existence of public exploit code raises the stakes for anyone who relies on these phones beyond their normal support window. Enterprises that still issue older hardware will need to treat the devices as permanently untrusted for high-security workloads.

---

Sources:

{
  "excerpt": "Paradigm Shift disclosed usbliter8, an unpatchable BootROM exploit affecting A12 and A13 Apple devices including iPhone XS through iPhone 11 models.",
  "suggestedSection": "security",
  "suggestedTags": ["apple", "bootrom", "exploit"],
  "imagePrompt": "A close-up of a silicon wafer fragment resting on dark matte metal, with faint circuit traces catching low side light and a single USB-C cable coiled beside it. The composition emphasizes permanence and exposure in a muted color palette, cinematic lighting, 16:9."
}

No comments yet

Continue reading