New unpatchable exploit targets Apple devices with A12 and A13 chips
Security firm Paradigm Shift released a proof-of-concept exploit called usbliter8 targeting Apple's A12 and A13 chips. The vulnerability exists in the BootROM, also known as SecureROM, which is baked into the hardware during manufacture. Because it is a hardware-level flaw, it cannot be fixed with software updates.
What changed
Researchers published technical details and a working proof-of-concept for the usbliter8 exploit.
Live updates
-
Paradigm Shift Discloses Unpatchable usbliter8 Exploit for Apple Chips
confidence 90%Security firm Paradigm Shift released a proof-of-concept exploit called usbliter8 targeting Apple's A12 and A13 chips. The vulnerability exists in the BootROM, also known as SecureROM, which is baked into the hardware during manufacture. Because it is a hardware-level flaw, it cannot be fixed with software updates.
What's confirmed:
- The usbliter8 exploit targets Apple's A12 and A13 chips.
- The vulnerability is located in the BootROM, or SecureROM.
- The flaw is unpatchable because it is baked directly into the chip at manufacture.
- Paradigm Shift published the technical details and a working proof-of-concept for the exploit.
- The exploit allows code execution before iOS loads and bypasses signature checks.
Still unconfirmed:
- The exploit also affects S4 and S5 chips.
- The attack requires physical USB access and DFU mode.