Security researchers have identified a critical vulnerability in Apple’s A12 and A13 chips, affecting devices such as the iPhone XR, iPhone XS, and iPhone 11 series. This flaw resides in the SecureROM, a fundamental component of the device’s boot process, and is deemed unpatchable due to its hardware-level nature.
The exploit, named “usbliter8,” was disclosed by security firm Paradigm Shift on June 18, 2026. It leverages a flaw in Apple’s USB boot protocol, allowing attackers to execute arbitrary code during the device’s boot sequence. This method bears similarities to the “checkm8” exploit, which previously targeted older devices up to the A11 chip. However, “usbliter8” extends this capability to newer models equipped with A12 and A13 processors.
To exploit this vulnerability, an attacker requires physical access to the device and a specially crafted USB-C cable. Once connected, the exploit can bypass security mechanisms, potentially leading to unauthorized access to sensitive data. Notably, while the vulnerability allows for code execution, it does not enable decryption of data protected by Apple’s Secure Enclave, which safeguards biometric information and encryption keys.
Apple’s SecureROM is embedded in the device’s hardware, making it immutable post-manufacture. Consequently, vulnerabilities at this level cannot be addressed through software updates, rendering them “unpatchable.” This characteristic underscores the severity of the “usbliter8” exploit, as it leaves affected devices permanently susceptible to this form of attack.
Historically, similar unpatchable vulnerabilities have been identified in Apple’s hardware. For instance, in 2020, a flaw in the T2 security chip was discovered, allowing attackers to gain root access to macOS devices. Like the current SecureROM issue, the T2 vulnerability required physical access and could not be mitigated through software patches.
Users of devices with A12 and A13 chips are advised to exercise heightened caution. Ensuring physical security of the device is paramount, as the exploit necessitates direct access. Avoiding the use of untrusted USB-C cables and peripherals can mitigate the risk of exploitation. Additionally, users should remain vigilant for any unusual device behavior and consider consulting with Apple support for further guidance.
This development highlights the ongoing challenges in hardware security. As devices become more integrated and complex, vulnerabilities at the hardware level pose significant risks. While software updates can address many security issues, hardware flaws require more comprehensive solutions, often necessitating hardware revisions in future device iterations.
