New Unpatchable Vulnerability Targets Apple Devices with A12 and A13 Chips
Security researchers have disclosed a critical BootROM-level vulnerability, dubbed 'usbliter8', affecting Apple devices equipped with A12, A13, S4, and S5 chips. Because the flaw resides in hardware, it cannot be remediated through software or firmware updates. Exploitation requires physical USB access and placing the device into DFU mode, limiting remote attack risk but posing serious concerns for enterprise and government users.
Highlights
- The 'usbliter8' BootROM vulnerability, disclosed by Paradigm Shift Team, affects Apple A12, A13, S4, and S5 chip devices and cannot be patched via any software update.
- Exploitation requires physical USB access and placing the target device into DFU mode, making remote attacks impossible.
- The flaw allows attackers to execute arbitrary code before iOS loads, bypass Apple's signature verification, and boot modified OS images.
- Affected devices include iPhone XS, iPhone XR, the iPhone 11 series, iPad (8th gen), iPad Air (3rd gen), iPad mini (5th gen), and select Apple Watch models.
- Apple has not yet issued an official statement; affected users are advised to prioritize physical device security.
New Unpatchable Vulnerability Targets Apple Devices with A12 and A13 Chips
Security researchers have disclosed a critical vulnerability affecting Apple devices powered by the A12, A13, S4, and S5 chips. Because the flaw exists at the BootROM (Boot Read-Only Memory) level, it cannot be patched through any software or firmware update.
Technical Details
According to a detailed technical report published today by the Paradigm Shift Team, the vulnerability — named usbliter8 — exploits a hardware defect in the USB controller combined with a specific configuration sequence, allowing attackers to execute unauthorized code at the lowest level of the system.
Specifically, the vulnerability enables an attacker to:
- Execute arbitrary code before iOS loads
- Bypass Apple's signature verification mechanism, allowing unsigned software to run
- Boot modified operating system images
Attack Requirements and Risk Assessment
Notably, exploitation requires physical access to the target device and placing it into DFU (Device Firmware Update) mode via a USB connection. This means the vulnerability cannot be exploited remotely, and the risk to average users who maintain physical control of their devices is relatively limited.
However, the vulnerability poses a meaningful threat to enterprise users, government agencies, and individuals who have ever handed their device to a third party for repair or servicing.
Affected Devices
Apple devices equipped with the following chips are affected:
- A12 Bionic: iPhone XS, iPhone XR, iPad (8th generation), iPad Air (3rd generation), iPad mini (5th generation), and others
- A13 Bionic: iPhone 11 series and others
- S4 and S5 chips: Select Apple Watch models
Apple's Position
Because the vulnerability is embedded in the hardware-level BootROM, Apple cannot address it through an iOS update. Affected users are strongly advised to pay close attention to the physical security of their devices, avoid leaving them unattended with unknown parties, and be wary of any requests to enter DFU mode.
Apple has not yet issued an official statement regarding the vulnerability.
原文來源: 查看原文
FAQ
Newsletter
Subscribe to our Low-Altitude Industry Newsletter
Daily curated news on low-altitude economy and drone industry, delivered to your inbox.
