Security experts from Paradigm Shift have released details about a new exploit named usbliter8, which facilitates arbitrary code execution within the SecureROM of Apple’s A12 and A13 processors. This flaw is deeply embedded in the chip’s hardware, rendering it immune to software patches. Devices using these chips remain vulnerable throughout their operational lifespan.
Exploit Details and Requirements
The usbliter8 exploit necessitates physical access to the device, which must be placed in Device Firmware Upgrade (DFU) mode and connected via USB to a specific RP2350-based microcontroller board. This setup allows the exploit to complete in less than two seconds, bypassing Apple’s initial boot chain.
The exploit, along with a comprehensive technical analysis, was publicly disclosed on June 18, 2026, following a coordinated effort with Apple Product Security. It targets a range of devices, including models equipped with A12, A13, S4, and S5 Systems-on-Chip (SoCs).
Vulnerable Devices and Impact
usbliter8 supports several devices, including the iPhone XS, XS Max, XR, the iPhone 11 series, the second-generation iPhone SE, various iPad models, and Apple Watch Series 4 and 5. Devices with A11 SoCs are unaffected, and newer models starting with A14 are currently secure against this exploit path.
The vulnerability stems from a hardware flaw in the Synopsys DWC2 USB controller, which mismanages USB Setup packets. Apple’s configuration of the USB DART in SecureROM on A12 and A13 chips opens the door to potential memory overwriting, unlike the A11’s safer configuration.
Execution and Security Implications
Once usbliter8 is executed, it allows attackers to inject a custom USB request handler and alter the device’s USB serial string. This breach enables the temporary demotion of production mode and the loading of unsigned boot images, bypassing Apple’s security checks.
Despite the exploit’s severity, the Secure Enclave remains unaffected, as it operates separately from the main processor. However, Paradigm Shift cautions that gaining control at the BootROM level might expose new vulnerabilities.
No software updates can mitigate this exploit, similar to the earlier checkm8 vulnerability. As of June 19, 2026, there have been no official security alerts or reports of real-world exploitation.
Mitigation Strategies and Future Outlook
For most users, the immediate risk is minimal, as the exploit requires physical possession of the device. However, in high-security environments, this vulnerability necessitates reconsideration of device management and potential hardware upgrades to A14 or newer chips.
Organizations should inventory devices with A12, A13, S4, and S5 hardware and prioritize replacements. Additionally, avoiding DFU mode on untrusted connections is crucial for maintaining security.
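An added example, not from Paradigm Shift or the original article: a Python triage of the inventory step, run over a constructed MDM export. The column names, the serials and the identifier-to-SoC mapping (supplied from Apple's public hardware identifiers) are assumptions; iPads go to manual review because the article names no specific iPad models.

```python
import csv
import io
import re

# Hardware identifier -> SoC for the devices the article names. This mapping is
# an assumption supplied from Apple's public model identifiers, not the article.
AFFECTED = {
    **dict.fromkeys(("iPhone11,2", "iPhone11,4", "iPhone11,6", "iPhone11,8"), "A12"),
    **dict.fromkeys(("iPhone12,1", "iPhone12,3", "iPhone12,5", "iPhone12,8"), "A13"),
    **dict.fromkeys(("Watch4,1", "Watch4,2", "Watch4,3", "Watch4,4"), "S4"),
    **dict.fromkeys(("Watch5,1", "Watch5,2", "Watch5,3", "Watch5,4"), "S5"),
}

def classify(model_id):
    """Return (status, soc); status is 'replace', 'ok' or 'review'."""
    model_id = model_id.strip()
    if model_id in AFFECTED:
        return "replace", AFFECTED[model_id]
    m = re.fullmatch(r"iPhone(\d+),\d+", model_id)
    # iPhone10,x is A11 and iPhone13,x onward is A14 or newer; the article
    # reports both as unaffected.
    if m and (int(m.group(1)) == 10 or int(m.group(1)) >= 13):
        return "ok", None
    # iPads (no models listed in the article), other watches, unknown ids.
    return "review", None

def triage(csv_text):
    """Group (serial, soc) pairs from an MDM export by status."""
    report = {"replace": [], "review": [], "ok": []}
    for row in csv.DictReader(io.StringIO(csv_text)):
        status, soc = classify(row["model_id"])
        report[status].append((row["serial"], soc))
    return report

# Constructed sample export; identifiers contain a comma, so they are quoted.
SAMPLE = '''serial,model_id
SN-0001,"iPhone11,8"
SN-0002,"iPhone12,8"
SN-0003,"iPhone10,3"
SN-0004,"iPhone14,5"
SN-0005,"Watch5,2"
SN-0006,"iPad11,6"
SN-0007," iPhone12,1 "
'''

if __name__ == "__main__":
    for status, devices in triage(SAMPLE).items():
        print(status, devices)
```

Anything that lands in `review` needs its SoC confirmed by hand before it is treated as safe.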
This development highlights the ongoing challenges in securing hardware at a fundamental level and the importance of staying vigilant against emerging threats.
