An unpatched vulnerability, 'usbliter8,' has been found in Apple devices equipped with A12 and A13 chips.



It has been revealed that the

A12 chip in the iPhone XS series and the A13 chip in the iPhone 11 series have vulnerabilities that cannot be patched .

Paradigm Shift - Introducing usbliter8
https://ps.tc/pages/blog-usbliter8.html



New unpatchable exploit targets Apple devices with A12 and A13 chips - 9to5Mac
https://9to5mac.com/2026/06/18/new-unpatchable-exploit-targets-apple-devices-with-a12-and-a13-chips/

Paradigm Shift, an independent European cybersecurity research institute, has reported discovering an unpatched vulnerability called 'usbliter8' that could allow arbitrary code execution on Apple devices equipped with A12 and A13 chips.

usbliter8 is a vulnerability that 'exploits both a hardware bug in the USB controller and a specific configuration flaw in the device firmware.' Devices equipped with A12, A13, S4 , and S5 chips are affected by usbliter8, and a variety of devices are affected in addition to iPhones, including iPads, Apple Watches, and Apple TVs.

◆Devices equipped with the A12 chip
iPhone XS
iPhone XS Max
iPhone XR
3rd generation iPad Air
5th generation iPad mini
Apple TV 4K
8th generation iPad



◆Devices equipped with the A13 chip

iPhone 11
iPhone 11 Pro
iPhone 11 Pro Max
2nd generation iPhone SE
9th generation iPad
Apple Studio Display



◆S4 chip equipped devices

Apple Watch Series 4



◆S5 chip equipped devices
Apple Watch Series 5
1st generation Apple Watch SE
HomePod mini



usbliter8 is a vulnerability that allows attackers to create special data and send it to a device via USB while the device is in DFU (Device Firmware Update) mode. This can confuse the USB controller, causing it to write data to the wrong location in memory.

This allows an attacker with physical access to the device to control the boot process. From there, they can execute their own code before iOS loads, bypass signature checks, or launch modified system software.

This vulnerability does not affect or compromise the device's secure enclave , so passcodes and encrypted user data remain safe.

Paradigm Shift stated, 'While usbliter8 does not affect the Secure Enclave itself, it could broaden attack vectors that compromise the Secure Enclave. By disclosing this vulnerability, we hope to highlight the real-world impact of these hardware flaws and contribute to a broader understanding of modern SecureROM ( boot ROM ) security.'

The Paradigm Shift research team stated, 'Affected users should be aware that migrating to newer hardware is the most effective solution.'

Paradigm Shift explained that they shared their findings with Apple and worked with the company's security department to coordinate the announcement before releasing usbliter8. The Paradigm Shift research team expressed their gratitude to Apple's security team for their swift response, constructive involvement, and cooperation.

Paradigm Shift has released a proof-of-concept project for usbliter8 on GitHub, which garnered over 280 stars within hours of its release. At the time of writing, it had received over 360 stars.

GitHub - prdgmshift/usbliter8: An A12/A13 SecureROM exploit · GitHub
https://github.com/prdgmshift/usbliter8



Related Posts:

in Software,   Smartphone,   Security, Posted by logu_ii