Bymsoftnews 2 min read

New Unpatchable BootROM Exploit Published for Apple’s A12 and A13 Chips

Security researchers released technical details and a proof-of-concept for usbliter8, a permanent vulnerability in devices that cannot receive firmware fixes.

New Unpatchable BootROM Exploit Published for Apple’s A12 and A13 Chips

*Security researchers released technical details and a proof-of-concept for usbliter8, a permanent vulnerability in devices that cannot receive firmware fixes.*

Security firm Paradigm Shift disclosed usbliter8 on June 18. The exploit targets the SecureROM in Apple’s A12 and A13 chips and grants arbitrary code execution during the earliest stage of boot. Because the code resides in hardware, no software update can close the hole.

The vulnerability sits in the USB controller that handles the initial boot sequence. An attacker with physical access can trigger the flaw to run unsigned code before the operating system loads. Affected hardware includes the iPhone XS, XS Max, XR, and the entire iPhone 11 lineup. Several iPad models and Apple Watch units that use the S4 and S5 chips are also exposed.

Comparison to prior work

The disclosure extends the public record of BootROM attacks. The 2019 checkm8 exploit covered devices from the iPhone 4S through the iPhone X. usbliter8 now reaches the next generation of chips. Both attacks rely on flaws that cannot be patched after manufacture.

Paradigm Shift supplied technical write-ups and a working proof-of-concept. The firm did not claim remote exploitation paths; the current implementation requires direct USB connection.

Scope of impact

Devices built on A12 and A13 silicon will remain susceptible for their entire service life. Owners of those models cannot mitigate the issue through normal updates. Newer chips introduced after the A13 appear unaffected by this particular flaw.

Why it matters

For users still running A12 or A13 hardware, the finding removes any remaining assumption that older devices are only at risk from known, patchable bugs. Physical attacks that were previously limited to earlier chip generations now apply to a wider installed base. The practical risk depends on an attacker gaining direct access, yet the permanent nature of the hole means the exposure window never closes.

---

Sources:

{
  "excerpt": "Paradigm Shift disclosed usbliter8, an unpatchable BootROM exploit affecting Apple A12 and A13 devices including iPhone XS through 11 models.",
  "suggestedSection": "security",
  "suggestedTags": ["apple", "security", "exploit", "bootrom"],
  "imagePrompt": "A close-up of a silicon wafer fragment resting on a matte workbench beside a USB cable connector, soft shadows defining the etched circuitry patterns. Muted color palette, cinematic lighting, 16:9."
}

No comments yet

Continue reading