{"id":69350,"date":"2026-06-18T19:35:08","date_gmt":"2026-06-18T17:35:08","guid":{"rendered":"https:\/\/www.apfelpatient.de\/?p=69350"},"modified":"2026-06-18T19:36:13","modified_gmt":"2026-06-18T17:36:13","slug":"unpatchable-gap-apple-a12-a13-chips","status":"publish","type":"post","link":"https:\/\/www.apfelpatient.de\/en\/news\/unpatchbare-luecke-apple-a12-a13-chips","title":{"rendered":"Unpatchable vulnerability in Apple's A12 and A13 chips"},"content":{"rendered":"

A new security vulnerability affects Apple's A12 and A13 chip generations \u2013 and it is essentially unfixable. Because the flaw is deeply embedded in the processors' boot code, devices from the iPhone XS to the iPhone 11 series remain permanently vulnerable. The exploit, named usbliter8, is based on a hardware bug that no software update can fix.<\/strong><\/p>\n\n\n\n

Security vulnerabilities are a part of everyday life for any operating system \u2013 Apple usually closes them with the next update. That's not possible here. The security research firm Paradigm Shift has publicly<\/a> disclosed a vulnerability in the so-called BootROM of the A12 and A13 chips, including a working proof-of-concept exploit called usbliter8. While Apple regularly addresses common vulnerabilities with patches, as recently seen with the belatedly released CVE details for several security updates<\/a>, this vulnerability will remain \u2013 for the entire lifespan of the affected devices.<\/p>\n\n\n\n

Why the gap cannot be closed<\/h2>\n\n\n\n

The BootROM, also known as SecureROM, is the first code an iPhone executes when powered on. It is permanently burned into the chip during manufacturing and cannot be altered afterward. Therefore, a vulnerability at this point cannot be fixed with an iOS update \u2013 affected devices remain permanently vulnerable.<\/p>\n\n\n\n

The last publicly known BootROM exploit of this type was checkm8 from 2019, which affected devices from the iPhone 4S to the iPhone X. usbliter8 now continues this series with the next chip generation and covers models from the iPhone XS to the iPhone 11 series.<\/p>\n\n\n\n

Which devices are affected<\/h2>\n\n\n\n

Only the two chip generations A12 and A13 are vulnerable. The older A11 generation is not affected because its USB driver manually resets a crucial memory pointer after each data packet. The A14 and all newer chips are also safe, as they correctly configure a memory protection function at the boot ROM level. The A12 and A13 occupy the vulnerable gap.<\/p>\n\n\n\n

Chip<\/th>Devices (selection)<\/th>Status<\/th><\/tr><\/thead>
A11<\/td>iPhone 8, iPhone X<\/td>not affected<\/td><\/tr>
A12<\/td>iPhone XS, iPhone XS Max, iPhone XR<\/td>affected<\/td><\/tr>
A13<\/td>iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max, iPhone SE (2nd generation)<\/td>affected<\/td><\/tr>
A14 and newer<\/td>iPhone 12 and all later models<\/td>not affected<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n

This is how usbliter8 works<\/h2>\n\n\n\n

The exploit takes advantage of a flaw in the chips' USB controller. When an iPhone receives USB data during the startup process, the controller stores the incoming packets in a memory buffer. The researchers discovered that a specific sequence of unusually small packets can manipulate an internal hardware pointer, causing it to move backward through memory. This allows data to be written to locations it should never reach. The researchers believe the flaw lies in the USB controller hardware itself, not in Apple's software.<\/p>\n\n\n\n

How easily a complete takeover can be achieved depends on the specific chip. Code execution is relatively straightforward on A12 devices. It becomes significantly more difficult with the A13, as Apple introduced Pointer Authentication Codes (PAC) with this generation. These codes detect and block certain forms of memory manipulation. According to Paradigm Shift, circumventing this protection required a lengthy, multi-stage process before the researchers were finally able to gain control of the processor.<\/p>\n\n\n\n

What a successful attack makes possible<\/h2>\n\n\n\n

Once the exploit gains control, it installs its own handler that even survives a device restart. This allows two things to be achieved: The iPhone's security settings can be temporarily lowered, and unsigned software can be launched without any verification. As a distinguishing mark, the exploit also writes the traditional "PWND" inscription into the device's USB serial number \u2013 a convention already known from checkm8 and previous attacks.<\/p>\n\n\n\n

usbliter8 does not directly attack the Secure Enclave, which contains particularly sensitive data such as biometric information. However, the researchers point out that a BootROM compromise of this kind could open up further attack vectors to the Secure Enclave.<\/p>\n\n\n\n

How serious the gap really is<\/h2>\n\n\n\n

The key to classifying this attack is its prerequisite: it requires physical access to the device and a USB connection during the boot process. usbliter8 cannot be triggered remotely, for example via a website or message. For everyday use of an affected iPhone, this means a limited risk, as long as the device does not fall into the wrong hands.<\/p>\n\n\n\n

The vulnerability becomes more relevant in scenarios involving physical access \u2013 for example, with confiscated, lost, or resold devices. Paradigm Shift states that it reported its findings to Apple Product Security before publication and collaborated with the company as part of a coordinated disclosure. The complete proof-of-concept code was published along with the technical analysis. Anyone selling an older iPhone with an A12 or A13 chip should therefore prepare it particularly thoroughly \u2013 our guide on how to securely reset an iPhone before selling it<\/a> summarizes what's important.<\/p>\n\n\n\n

Hardware vulnerabilities don't disappear with age<\/h2>\n\n\n\n

Unlike software vulnerabilities, usbliter8 doesn't disappear with the next update. As long as devices with A12 and A13 chips are in circulation, the vulnerability remains open \u2013 and more of these models appear on the used market every year. However, there is no risk for current iPhones with the A14 chip or later, as Apple closed the underlying security gap starting with this generation. (Image: Shutterstock \/ Adel Newman)<\/p>\n\n\n\n