New usbliter8 BootROM Exploit Affects Apple A12 and A13 Chips
Security firm Paradigm Shift published details on June 18, 2026, regarding a permanent BootROM vulnerability in Apple’s A12 and A13 chips. Named “usbliter8,” the exploit affects the iPhone XS through the iPhone 11 series and cannot be patched via software because the flaw is baked into the hardware during manufacture.
How does the usbliter8 exploit bypass Apple’s security?
The exploit targets a bug in the USB controller hardware. When an iPhone starts up, the controller uses a memory buffer to handle incoming USB data packets. Paradigm Shift found that sending a specific sequence of unusually small packets forces an internal hardware pointer to walk backward through memory.
This allows the attacker to write data to memory locations that should be restricted. According to the researchers, this is a hardware failure in the USB controller itself, not a mistake in Apple’s software code. Once the researchers gained control, they installed a custom handler that lets the device boot unsigned software without verification checks.
Which iPhone models are vulnerable to this hardware flaw?
The vulnerability specifically affects devices using the A12 and A13 chips, covering the iPhone XS and the iPhone 11 series. Other models are safe for different technical reasons, according to Paradigm Shift.

The A11 chip, found in the iPhone X, isn’t affected because its USB driver manually resets the pointer after every packet. Newer A14 chips and later models are also secure because Apple implemented a memory protection feature at the BootROM level. This leaves A12 and A13 devices in a “vulnerable middle ground.”
The A12 vs. A13 Security Gap
Gaining control of an A12 device is relatively simple. The A13 is harder to crack. Apple introduced Pointer Authentication Codes (PAC) on the A13 to block memory tampering. Paradigm Shift reported that bypassing PAC required a “lengthy multi-step process” before they could take control of the processor.
What is the difference between usbliter8 and the 2019 checkm8 exploit?
Both exploits target the BootROM, but they affect different hardware generations. The “checkm8” exploit, released in 2019, targeted devices from the iPhone 4S up to the iPhone X. The usbliter8 exploit extends this vulnerability to the next generation of hardware.
Both exploits share a common “signature.” To signal a successful compromise, usbliter8 injects the string “PWND” into the iPhone’s USB serial number, a tradition started by checkm8. While usbliter8 doesn’t directly hit the Secure Enclave, Paradigm Shift warns that a BootROM compromise creates new paths for attacking that highly secure area.
What happens next for affected Apple devices?
Because this is a hardware bug, there’s no software update that can erase it. Affected iPhones will remain vulnerable for their entire operational lifespan. Paradigm Shift worked with Apple Product Security on a coordinated disclosure before making the proof-of-concept code public at ps.tc.

The progression from checkm8 to usbliter8 suggests a continuing “cat-and-mouse” game between hardware designers and security researchers. As Apple adds layers like PAC and memory protection, researchers are forced to find more complex, multi-step chains to achieve the same results.
Frequently Asked Questions
Can Apple fix the usbliter8 vulnerability with an iOS update?
No. Since the flaw is in the BootROM (hardware), it cannot be patched via software.
Which iPhones are specifically affected?
Devices with A12 and A13 chips, including the iPhone XS and iPhone 11 series.
Does this exploit affect the Secure Enclave?
According to Paradigm Shift, it doesn’t affect the Secure Enclave directly, but it makes the Enclave more vulnerable to further attacks.
How do I know if my device was compromised?
A compromised device using this exploit will show the string “PWND” in its USB serial number.
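The check described in that answer can be scripted for fleet or repair-bench triage. The following is an added example, not code from Paradigm Shift or Apple: it parses USB serial strings, looks for the “PWND” marker, and notes whether the chip is one of the generations the article lists as affected. The space-separated KEY:VALUE serial layout and the CPID-to-chip mapping are assumptions not stated in the article, and the sample strings are constructed.

```python
import re

# Assumption (not from the article): CPID values identifying each SoC in the
# DFU-mode USB serial string, which is a space-separated list of KEY:VALUE fields.
CPID_TO_CHIP = {"8015": "A11", "8020": "A12", "8030": "A13", "8101": "A14"}
USBLITER8_CHIPS = {"A12", "A13"}  # affected generations named in the article

FIELD_RE = re.compile(r"\b([A-Z]{4}):(\[[^\]]*\]|\S+)")


def parse_serial(serial: str) -> dict:
    """Split a serial string into its KEY:VALUE fields (brackets removed)."""
    return {key: value.strip("[]") for key, value in FIELD_RE.findall(serial)}


def triage(serial: str) -> dict:
    """Classify one USB serial string by chip generation and PWND marker."""
    fields = parse_serial(serial)
    chip = CPID_TO_CHIP.get(fields.get("CPID", ""), "unknown")
    pwnd = "PWND" in serial
    if pwnd and chip in USBLITER8_CHIPS:
        verdict = "PWND marker on A12/A13: consistent with usbliter8"
    elif pwnd:
        verdict = "PWND marker on a chip outside the usbliter8 range"
    elif chip in USBLITER8_CHIPS:
        verdict = "no marker, but chip is permanently exposed"
    elif chip == "unknown":
        verdict = "no marker, chip not identified"
    else:
        verdict = "no marker, chip outside the usbliter8 range"
    return {"chip": chip, "pwnd": pwnd, "verdict": verdict}


# Constructed sample serial strings (ECID, SRTG and PWND tag values are made up).
SAMPLES = [
    "CPID:8020 CPRV:11 ECID:0011223344556677 SRTG:[iBoot-0000.0.0] PWND:[example]",
    "CPID:8030 CPRV:11 ECID:0011223344556688 SRTG:[iBoot-0000.0.0]",
    "CPID:8015 CPRV:11 ECID:0011223344556699 SRTG:[iBoot-0000.0.0] PWND:[example]",
    "CPID:8101 CPRV:11 ECID:00112233445566AA SRTG:[iBoot-0000.0.0]",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(triage(sample))
```

The marker is a convention of the published exploit code, so a missing marker only means this particular signal was not observed.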