Security researchers have publicly released a proof-of-concept exploit for Usbliter8, a hardware-level vulnerability affecting the SecureROM boot chain on Apple devices powered by A12 and A13 Bionic chips. Because the flaw exists in read-only memory baked into the silicon at manufacturing time, no software or firmware update from Apple can remediate it.
What Is Usbliter8?
Usbliter8 is a bootchain exploit that targets a vulnerability in Apple's SecureROM — the lowest-level, immutable code that executes when an iPhone powers on. SecureROM is designed to verify the integrity of subsequent boot stages, forming the foundation of Apple's chain-of-trust security model.
The exploit is delivered over USB while the device is in Device Firmware Update (DFU) mode, allowing an attacker with physical access to the device to:
- Bypass Secure Boot verification
- Gain unsigned code execution in the bootchain
- Jailbreak the device in a way that survives full restores
- Potentially deploy persistent spyware that re-installs itself even after factory resets
The PoC was released by security researchers who had previously reported the vulnerability to Apple. Apple confirmed it cannot be patched via software updates.
Affected Devices
The vulnerability affects all devices containing the A12 Bionic or A13 Bionic chips:
| Chip | Affected Devices |
|---|---|
| A12 Bionic | iPhone XS, XS Max, XR; iPad Pro (3rd gen, 11-inch and 12.9-inch); iPad Air (3rd gen); iPad mini (5th gen) |
| A13 Bionic | iPhone 11, 11 Pro, 11 Pro Max; iPad (7th gen, 8th gen); iPod Touch (7th gen) |
Newer devices running A14 Bionic and later are not affected — Apple hardened the BootROM against this class of attack starting with the A14.
Is This Being Actively Exploited?
At the time of writing, there is no confirmed evidence of in-the-wild exploitation targeting end users. However, the release of a public PoC significantly raises the risk profile:
- Nation-state actors and advanced persistent threat groups with prior knowledge of similar exploits have likely had private access to this class of vulnerability for some time
- The exploit requires physical USB access to the device, which limits opportunistic mass exploitation but doesn't prevent targeted attacks
- Law enforcement and commercial spyware vendors (such as those behind tools like Pegasus) have historically leveraged bootchain exploits for forensic extraction and surveillance deployment
Security researchers have compared Usbliter8 to the checkm8 exploit disclosed in 2019, which targeted A5 through A11 chips and was similarly unpatchable.
Apple's Response
Apple has acknowledged the issue and confirmed that devices with A14 and later chips are not vulnerable. For older devices, Apple has:
- Released iOS 18 security updates that add hardening layers above the bootchain — these cannot block Usbliter8 itself but can limit some downstream attack vectors
- Noted that the exploit requires physical access to the device, which it considers a significant mitigating factor
- Confirmed it will not issue a new chip revision for affected devices
What Should Users Do?
For individuals and organizations with affected devices in their environment:
- Upgrade to A14+ devices where possible — iPhone 12 or later is unaffected
- Enable Lockdown Mode on iOS 16+ for high-risk users (journalists, executives, activists). While it won't prevent the bootchain exploit, it significantly reduces the post-exploitation attack surface
- Maintain physical security of devices — the USB access requirement means this exploit cannot be delivered remotely
- Monitor for jailbreak indicators — unexpected app behavior, unusual battery drain, or unknown profiles in Settings > VPN & Device Management
- For enterprise fleets, assess whether affected devices should be restricted to lower-privilege roles or replaced on an accelerated timeline
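For the fleet assessment in the last item, the following is an added example (not from the researchers or Apple) that applies this article's affected-device table and mitigations to an MDM inventory export. The CSV column names, the `lockdown_mode` field, the priority scheme and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
import re

# Affected models, transcribed from this article's "Affected Devices" table.
AFFECTED = {
    "A12": ["iPhone XS", "iPhone XS Max", "iPhone XR", "iPad Pro (3rd gen)",
            "iPad Air (3rd gen)", "iPad mini (5th gen)"],
    "A13": ["iPhone 11", "iPhone 11 Pro", "iPhone 11 Pro Max",
            "iPad (7th gen)", "iPad (8th gen)", "iPod Touch (7th gen)"],
}
HIGH_RISK_ROLES = {"journalist", "executive", "activist"}  # the article's examples

def norm(name):
    """Casefold, shorten 'generation' to 'gen', and collapse whitespace."""
    return re.sub(r"\s+", " ", name.casefold().replace("generation", "gen")).strip()

# Exact match on the normalized name, so "iPhone 11" never matches "iPhone 12".
CHIP_BY_MODEL = {norm(m): chip for chip, models in AFFECTED.items() for m in models}

def triage(inventory_csv):
    """Return affected devices, highest priority first, with the article's mitigations."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv.strip())):
        chip = CHIP_BY_MODEL.get(norm(row["model"]))
        if chip is None:
            continue  # model is not in the article's affected list
        high_risk = row["user_role"].casefold() in HIGH_RISK_ROLES
        actions = ["replace with A14+ device" + (" (accelerated)" if high_risk else "")]
        if high_risk and row["lockdown_mode"].casefold() != "on":
            actions.append("enable Lockdown Mode")
        if not high_risk:
            actions.append("restrict to lower-privilege role until replaced")
        findings.append({"serial": row["serial"], "chip": chip,
                         "priority": 1 if high_risk else 2, "actions": actions})
    return sorted(findings, key=lambda f: (f["priority"], f["serial"]))

# Constructed sample export; serials and column names are hypothetical.
SAMPLE = """
serial,model,user_role,lockdown_mode
C0NSTRUCT01,iPhone 11 Pro,executive,off
C0NSTRUCT02,iPhone 14,journalist,off
C0NSTRUCT03,iPad Air (3rd generation),staff,off
C0NSTRUCT04,iphone  xr,journalist,on
"""

if __name__ == "__main__":
    for f in triage(SAMPLE):
        print(f["priority"], f["serial"], f["chip"], "; ".join(f["actions"]))
```

Models missing from the lookup are skipped rather than declared safe, so unrecognized names in a real export still need a manual check.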
Broader Implications
Usbliter8 joins a small but significant class of permanently unpatched vulnerabilities that affect hardware still in active use. Unlike software flaws that can be addressed by vendors, these hardware-rooted issues create a permanent security gradient — newer devices are meaningfully more secure than older ones, regardless of software update status.
For organizations with security-sensitive operations, this is a reminder that device age is a security variable. An iPhone 11 running the latest iOS is not as secure as an iPhone 14 running the same software — the hardware beneath the software matters.
Apple is expected to continue providing iOS security updates for affected devices for several more years, but the bootchain vulnerability will remain throughout that lifecycle.