Published 4 days ago • loading... • Updated 2 days ago

New Unpatchable Exploit Targets Apple Devices with A12 and A13 Chips

Security research firm Paradigm Shift today published details of a new BootROM vulnerability affecting Apple's A12 and A13 chips, along with a working proof-of-concept exploit named "usbliter8."
Because the vulnerability exists within the BootROM hardware, it cannot be fixed via software updates, meaning affected devices remain permanently vulnerable. The exploit leverages a hardware bug in the USB controller that cannot be patched.
While A12 devices are straightforward to exploit, the A13 chip requires bypassing Pointer Authentication Codes, a security feature designed to prevent memory tampering. The proof-of-concept project on GitHub has amassed more than 280 stars in just a few hours.
Researchers worked with Apple Product Security on coordinated disclosure before publication. Although "usbliter8" does not directly affect the Secure Enclave, it opens wider attack vectors to compromise it.
This exploit extends the history of "checkm8," a prior BootROM vulnerability released in 2019 that affected older Apple SoCs. Given the unpatchable nature, researchers advise that migrating to newer hardware remains the most effective mitigation for affected users.

Insights by Ground AI

31 Articles

Discover Serious Failure that Affects iPhone! Apple Has No Way to Solve

Apple has issued an alert to the owners of several old iPhone models. This happens after security investigators have revealed a particularly worrying vulnerability. Failure affects devices equipped with the...

2 days ago·Portugal

Read Full Article

patribotics.blog

Lean Right

The Usbliter8 Exploit Breaks SecureROM for Apple A12 and A13 Chipsets

In the world of modern technology, security vulnerabilities are a major challenge. Recently, security researchers have deployed a new exploit called usbliter8, which breaks the SecureROM boot chain for Apple A12 and A13 chips. The uncorrectable 'usbliter8' exploit breaks the SecureROM boot chain for Apple A12 and A13 chipsets. Security researchers at Paradigm Shift have deployed a working exploit, called usbliter8, that achieves random code exec…

3 days ago

Read Full Article

Mashable

Left

Older iPhones vulnerable to a flaw Apple can’t fix

Researchers have discovered a vulnerability with older iPhones that Apple can't patch.The team at Paradigm Shift, an independent European cybersecurity firm, published its findings on the flaw, which it calls usbliter8, on its blog on Thursday. Researchers exploited flaws in the USB controller and the device's firmware to override the boot process (when the phone turns on) and gain control of the device before iOS loads, and even run unauthorize…

3 days ago·New York, United States

Read Full Article

Tech Radar

Center

Apple users told to watch out for 'unpatchable' iPhone security issues - here's what we know

The bug is physical and also very difficult to exploit. Still, it can help jailbreak the device and snoop on the data inside.

3 days ago·United Kingdom

Read Full Article

Tech Spot

Center

The first unpatchable iPhone exploit in six years targets chips still running Apple's latest iOS

Security researchers at Paradigm Shift have published the first iPhone bootROM exploit in years. The process, called usbliter8, targets a hardware-level flaw, which means upgrading to newer hardware is the only real fix.Read Entire Article

4 days ago

Read Full Article