Hardware Vulnerability in Apple Chips

First Unpatchable iPhone Exploit in Six Years

Apple, iPhone Exploit, Unpatchable iPhone Exploit, BootROM exploit, Apple chip vulnerability, usbliter8, unpatchable iPhone BootROM exploit usbliter8, Apple A12 A13 USB controller vulnerability, iPhone, vulnerability
Facebook
X
LinkedIn
Reddit
WhatsApp
Source: Hadrian / Shutterstock.com

A newly disclosed hardware exploit named usbliter8 is affecting older Apple devices, including the iPhone 11. The vulnerability resides in the BootROM layer and cannot be fixed via software updates, raising fresh concerns about long-term device security.

Security researchers at Paradigm Shift have released the BootROM exploit, which targets a hardware-level flaw in older Apple processors. Affected devices include the A12 chip in the iPhone XS, the A13 chip in the iPhone 11, as well as the S4 and S5 processors used in the Apple Watch and HomePod mini. Because the vulnerability is embedded in read-only memory within the USB controller, Apple has no ability to patch it through firmware or operating system updates.

Ad

Exploiting the flaw requires physical access to the device and the use of external hardware such as a Raspberry Pi. Standard USB connections via Windows PCs or Macs are unable to interact with the affected memory region, limiting attack scenarios but not eliminating them.

USB Controller Flaw Bypasses Security Protections

At the core of the issue is a malfunction in how the USB controller processes data packets. This can result in data being written to static memory without proper safeguards. Older processor generations prior to the A12 did not exhibit this behavior, as they reset DMA addresses after each transaction. Starting with the A14 generation, Apple corrected the configuration.

On A12-, S4-, and S5-based devices, modified firmware can be loaded directly. The iPhone 11, powered by the A13 chip, requires additional steps due to SecureROM protections. However, it remains fully vulnerable, and any modified firmware persists even after a device reboot.

Ad

Security Impact Extends to Modern iOS Versions

The discovery is particularly relevant in practice because the iPhone 11 remains the oldest Apple smartphone still supporting the latest operating system, iOS 26, and is expected to receive an update to iOS 27 in the fall, extending its software support by at least another year.

The last comparable unpatchable BootROM exploit, known as checkm8, was discovered in 2019 and affected Apple chips ranging from A5 to A11. Combined, these vulnerabilities effectively leave iPhone models from the iPhone 4S through the iPhone 11 permanently exposed to hardware-level modification.

(ll)


Ad

Artikel zu diesem Thema

Apple
20. April 2026
New phishing wave exploits Apples own servers
Mac Pro
27. March 2026
Apple pulls the plug on Mac Pro with no successor planned
11. September 2025
iPhone Air relies on eSIM: “Digital turning point”
12. June 2025
Apple: Criticism of EU demands as a data protection risk

Weitere Artikel

GITEX AI Europe 2026: Berlin Takes Centre Stage in the Sovereignty Debate
OpenAI Releases GPT-5.5-Cyber, Its New Cybersecurity Model
Europe’s Alternative to X: New Platform W Requires ID and Face Scan
Amazon, H&M and IKEA Push Back Against AI Labeling Requirements