A New Unpatchable SecureROM Exploit Has Been Discovered for Apple A12 and A13 Chips
Security researchers have once again put Apple's hardware security under the microscope. A newly disclosed exploit called usbliter8 targets the SecureROM — also known as BootROM — of Apple devices powered by A12 and A13 chips. The vulnerability is classified as unpatchable through software updates, meaning that millions of iPhone, iPad, and Apple Watch users are permanently exposed to a low-level security flaw that Apple cannot fix remotely. Here is everything you need to understand about this discovery, who is affected, and what it means for everyday users.
What Is the usbliter8 Exploit?
On June 18, 2026, security firm Paradigm Shift publicly disclosed the exploit, naming it usbliter8. The vulnerability achieves code execution by exploiting a flaw in Apple's USB boot process — specifically within the SecureROM, the very first code that runs when an Apple device powers on. Because SecureROM is embedded directly into the hardware and cannot be modified after manufacturing, any flaw found at this level is effectively permanent. Apple cannot push a software patch that rewrites the chip's read-only memory.
The name usbliter8 is a nod to its predecessor, checkm8, the widely known BootROM exploit that shook the Apple security community when it was released in 2019. While checkm8 targeted older chips — ranging from the A5 to the A11 Bionic — usbliter8 now extends that publicly known BootROM exploitation window forward to include A12 and A13 devices, covering a broader and more recently produced range of Apple hardware.
Which Apple Devices Are Affected?
The list of affected devices is significant. Any Apple product powered by the A12 Bionic or A13 Bionic chip falls within the scope of this vulnerability. This includes some of Apple's most popular iPhone models from the late 2010s and early 2020s.
- iPhone XS and iPhone XS Max — Apple's flagship smartphones from 2018, both powered by the A12 Bionic chip.
- iPhone XR — The more affordable 2018 iPhone model, also running on the A12 Bionic chip and one of the best-selling iPhones of its generation.
- iPhone 11 lineup — Including the standard iPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max, all powered by Apple's A13 Bionic chip.
- Select iPad models — Several iPad devices that share the same underlying chip architecture are also confirmed to be vulnerable.
- Apple Watch models with S4 and S5 chips — The S4 and S5 chips used in certain Apple Watch generations are derived from the same architecture and are similarly affected.
This is a substantial number of devices that are still in active daily use around the world, which makes the scope of this disclosure particularly noteworthy for the Apple security community and for everyday consumers alike.
Why Can't Apple Fix It?
Understanding why this vulnerability is unpatchable requires a brief look at how Apple designs its chips. The SecureROM — or BootROM — is the initial firmware burned directly onto the silicon during the manufacturing process. It is the foundation of the entire secure boot chain that Apple relies on to verify that only trusted, Apple-signed software runs on its devices.
Because it is stored in read-only memory that is physically part of the chip, it cannot be modified, updated, or overwritten after the device leaves the factory. This architectural decision is intentional: it prevents malicious actors from tampering with the very root of the boot process. However, it also means that if a flaw exists in this code, Apple has no mechanism to deliver a fix. The hardware itself would need to be replaced.
This is identical to the situation with checkm8, where Apple publicly acknowledged the issue but noted that the only remediation was transitioning to newer chip generations. Users who remain on affected devices are left with a permanent hardware-level exposure.
How Serious Is the Risk for Regular Users?
It is important to put this vulnerability in context. Exploiting a BootROM vulnerability like usbliter8 is not a trivial or remote attack. In most documented scenarios, this class of exploit requires physical access to the device and typically needs to be executed while the device is connected via USB and entering a specific boot mode. This is not the kind of threat that spreads automatically over the internet or through a malicious app download.
For the average iPhone or iPad owner who keeps their device with them and does not hand it to untrusted parties, the immediate practical risk remains relatively low in day-to-day use. However, the implications are considerably more serious for high-value targets such as journalists, activists, executives, and government officials, where physical device access by a sophisticated adversary is a more realistic threat model.
The Broader Implications for Apple's Security Ecosystem
The release of usbliter8 extends the publicly known BootROM exploitation surface to cover A12 and A13 chips, which represents a meaningful expansion of what is accessible to security researchers, law enforcement forensic tools, and potentially malicious actors with physical access. While the jailbreak community may celebrate this as an opportunity to unlock devices from Apple's restrictions, security professionals view it with considerably more concern.
Historically, exploits like checkm8 have found their way into commercial device-unlocking and forensic extraction tools used by law enforcement agencies. The same trajectory is plausible for usbliter8, which could make affected devices more susceptible to unauthorized data extraction in contexts where a device is seized or stolen.
What Should Users Do?
While Apple cannot patch the underlying hardware flaw, there are practical steps users can take to reduce their exposure and protect their data.
- Keep your device physically secure. Since this exploit requires USB access and physical interaction with the device, keeping your iPhone or iPad in your possession is the most effective first line of defense.
- Enable a strong passcode. A long alphanumeric passcode significantly raises the difficulty of extracting meaningful data from a device, even if a BootROM exploit is used to gain initial code execution.
- Use full device encryption. Apple devices enable encryption by default when a passcode is set. Ensuring this is active protects your data at rest.
- Consider upgrading to a newer device. If you are working with sensitive information and are currently using an A12 or A13 device, migrating to a device with a newer chip generation that is not affected by this exploit may be worth considering.
- Follow updates from Paradigm Shift and Apple. While Apple cannot push a hardware fix, the company may issue guidance or introduce mitigations in software that raise the bar for exploitation in practice.
Conclusion
The disclosure of usbliter8 by Paradigm Shift is a significant moment in the Apple security landscape. By extending publicly known BootROM exploitation to A12 and A13 chips — covering beloved devices like the iPhone XR, iPhone XS, and the entire iPhone 11 family — this vulnerability reminds us that even the most carefully engineered silicon can harbor permanent flaws. For most users, the practical risk remains manageable through good physical security habits. But for those in high-risk environments, the message is clear: hardware security has its limits, and the boundaries of those limits just moved forward by two chip generations.