A critical BootROM exploit has been discovered in Apple's A12 and A13 chips, allowing attackers to bypass the secure boot chain on numerous iPhone models, including the XS, XR, 11, and 11 Pro. This exploit, known as "usbliter8," targets a vulnerability in the SecureROM code, which is burned into the chip's silicon during manufacturing and cannot be patched. The flaw is linked to the use of Synopsys DesignWare USB controllers in these chips. As a result, millions of devices are potentially vulnerable to attacks that could compromise their security. The fact that the vulnerability is hardcoded into the chip's BootROM code means that a fix is not possible through traditional software updates1. This matters to security practitioners because it highlights the potential for long-term security risks in devices that cannot be patched, making them a permanent target for attackers.
Researchers drop checkm8-style BootROM exploit for A12 and A13 iPhones
⚡ High Priority
Why This Matters
A newly disclosed BootROM exploit affecting Apple's A12 and A13 chips gives researchers a way to break the secure boot chain on millions of iPhones and other Apple devices.
References
- The Register. (2026, June 19). Researchers drop checkm8-style BootROM exploit for A12 and A13 iPhones. *The Register*. https://www.theregister.com/security/2026/06/19/researchers-drop-checkm8-style-bootrom-exploit-for-a12-and-a13-iphones/5259028
Original Source
The Register
Read original →