Older iPhones carry an unpatchable boot ROM security flaw

Older iPhones carry an unpatchable boot ROM security flaw — Latest news
Source: Latest news

Researchers at Paradigm Shift have disclosed a boot ROM vulnerability called usbliter8 that affects iPhones with A12 or A13 processors. The flaw lives in the SecureROM that runs before the operating system and could let an attacker with physical access install malicious code or run unauthorized commands.

Because the issue is in read-only memory it cannot be fixed with a software update, and it cannot be triggered remotely. Affected iPhones include A12 Bionic models — iPhone XS, XS Max and XR — and A13 Bionic models — iPhone 11, 11 Pro, 11 Pro Max and the iPhone SE (2nd generation).

Certain iPads with A12 or A13 chips and Apple Watch models with S4 or S5 processors (Series 4, Series 5 and the first‑generation SE) are also vulnerable. Devices with an A11 chip, phones with A14 or later, watches with S6 or later, and Macs with Apple silicon are not affected.

usbliter8, boot rom, securerom, paradigm shift, a12 bionic, a13 bionic, iphone 11, iphone xs, iphone se, apple watch