Skip to content
Tech News
← Back to articles

New Unpatchable Exploit Targets Apple Devices With A12 and A13 Chips

2026-06-19 | original
read original more articles
Why This Matters

The discovery of the unpatchable usbliter8 exploit highlights a significant hardware vulnerability in Apple devices with A12 and A13 chips, emphasizing the importance of hardware security in the tech industry. While it does not compromise the Secure Enclave directly, it exposes potential attack vectors that could threaten device integrity, underscoring the need for ongoing hardware security research and proactive measures for consumer protection.

Key Takeaways

Researchers have disclosed a new unpatchable BootROM exploit affecting Apple devices with A12, A13, S4, and S5 chips. The attack requires physical USB access and DFU mode, but can let an attacker run code before iOS loads, bypass signature checks, and boot modified software. 9to5Mac reports the details: In a highly detailed technical post published today, the Paradigm Shift Team details usbliter8, a new exploit that "leverages both a hardware bug in the USB controller and a specific configuration flaw present in the device firmware" and cannot be patched. The PS Team explains that ahead of today's disclosure, it shared its findings and worked with Apple Product Security to coordinate the release. The researchers also thanked Apple's security team for its "prompt response, constructive engagement, and cooperation throughout" the process. In a nutshell, this bug affects the following Apple SoCs: A12, S4, S5, and A13. [...] They add that "technical support for A12X/Z is possible," but "it is not currently implemented." That could add the 2018 and 2020 iPad Pro lineups to the list. The way usbliter8 works is: it sends specially crafted data to a device over USB while it is in DFU mode, confusing the USB controller and causing it to write data to the wrong part of memory. That gives an attacker with physical access to the device control over its startup process. From there, they can run their own code before iOS loads, bypass signature checks, and boot modified system software. Importantly, the exploit does not affect or compromise the device's Secure Enclave, which in practice means that data such as passcodes and encrypted user data remain secure. That said, PS Team says that "although usbliter8 doesn't affect SEP itself, it opens up wider attack vectors to compromise the Secure Enclave," adding that "by releasing this exploit publicly, we hope to highlight the real-world impact of these hardware flaws and contribute to a broader understanding of modern SecureROM security." [...] Given that this is also an unpatchable exploit, the researchers note that "affected users should be aware that migrating to newer hardware remains the most effective mitigation."

Read more of this story at Slashdot.

Explore topics: apple device exploit secure security
Related:
iPhone parts factory in India faces new health probe over alleged water contamination
HomeKit Weekly: The Qingping Air Monitor Lite brings a retro vibe to Apple Home climate tracking
Apple’s M6 chip launches this fall, with these new products rumored
visionOS 27 gives the M5 Vision Pro two unique new advantages
Apple Music in iOS 27 introduces new design changes in two key areas

© 2026 GoKawiil

About | Editorial Policy | Contact