Unpatchable Boot ROM Vulnerability Found in Apple A12/A13 Chips, Older iPhones Face Jailbreak Risk
N.R. Finch
Barcelona-based Paradigm Shift disclosed usbliter8, an unpatchable Boot ROM vulnerability in Apple's A12 and A13 chips affecting iPhone XS through iPhone 11; because the flaw is hardcoded in silicon, no software update can fix it — upgrading hardware is the only real defense.
What exactly is this vulnerability?
The flaw, dubbed usbliter8, sits in the iPhone's Boot ROM — the very first code the chip runs at power-on, and the device's lowest-level defense against attack.
This means → Boot ROM code is burned into the chip at the factory. Unlike normal software, Apple cannot patch it with an iOS update.
In plain terms = the "startup key" was etched wrong at birth; no amount of software upgrades can re-etch the hardware.
Which devices are affected?
The vulnerable chips are Apple A12 and A13, released in 2018 and 2019 respectively.
Affected models include iPhone XS, XR, and the iPhone 11 lineup.
Paradigm Shift stated explicitly: affected users should migrate to newer hardware as the most effective mitigation.
How hard is this flaw to exploit?
An attacker needs physical access to the target phone — exploitation requires a cable connection to the device.
usbliter8 cracks the deepest layer of the attack chain — Boot ROM entry — but on its own it is not enough. An attacker still needs to chain additional exploits to reach user data stored on the phone.
In plain terms = this pries open the first door, but several more locks remain inside. Remote data theft is not possible with this flaw alone.
Why does the security community consider this a big deal?
A public Boot ROM exploit gives other iOS vulnerability researchers — including those working for governments or contractors — a critical starting point for attack chains.
Companies like Cellebrite and Magnet Forensics, which sell forensic tools to law enforcement, likely already possess similar capabilities.
This reflects a broader rarity: public iPhone jailbreaks have grown scarce over the past decade. Researchers typically have little incentive to publish exploits, because Apple patches them immediately, rendering the work useless. Paradigm Shift broke that pattern by releasing proof-of-concept code outright.
Content is for reference only, not financial advice.