Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

Live updates

1. 1d ago

   Paradigm Shift Releases Unpatchable usbliter8 Exploit for Apple A12 and A13

   Researchers at Paradigm Shift published the usbliter8 exploit. This flaw allows arbitrary code execution within the SecureROM of Apple A12 and A13 chips. Because the vulnerability is hardware-based, no software fix is possible.

   What's confirmed:

   • The usbliter8 exploit enables arbitrary code execution in Apple A12 and A13 SecureROM.
   • The vulnerability is permanent and cannot be patched via software updates.
   • Paradigm Shift is the group of researchers that published the exploit.
   confidence 100%
2. 3d ago

   Paradigm Shift Releases usbliter8 Exploit for Apple A12 and A13 Chips

   Security researchers at Paradigm Shift have disclosed a BootROM vulnerability called usbliter8. The exploit targets Apple's A12 and A13 chips, allowing arbitrary code execution within the SecureROM. Because the flaw is baked into the silicon, it cannot be fixed via software updates.

   What's confirmed:

   • The usbliter8 exploit affects Apple's A12 and A13 chips.
   • The vulnerability exists in the SecureROM, which is the first code an iPhone runs upon powering on.
   • The flaw is unpatchable because the code is burned into the silicon during manufacture.
   • The exploit requires physical possession of the device.
   • Affected devices must be in DFU mode and connected via USB to an RP2350-based microcontroller board.
   • The exploit achieves arbitrary code execution in under two seconds before the signed boot chain loads.
   • The vulnerability is caused by a hardware USB flaw.
   • Paradigm Shift is the security research firm that published the exploit.

   Still unconfirmed:

   • The vulnerability also affects S4 and S5 chips.
   • The flaw affects seven specific iPhone models.
   confidence 100%