Security researchers at Paradigm Shift have disclosed a critical, unpatchable vulnerability dubbed “usbliter8” that impacts the SecureROM of Apple’s A12 and A13 Bionic chips. Because the flaw resides in hardware-level read-only memory, it cannot be fixed via iOS software updates. The exploit requires physical access to a device and a specialized setup, such as a Raspberry Pi, to trigger, according to technical documents released on June 18, 2026.
Which Apple devices are affected by usbliter8?
The usbliter8 vulnerability affects a wide range of devices utilizing the A12 and A13 Bionic chips, as well as specific wearable processors. According to Paradigm Shift, the list of vulnerable hardware includes the iPhone XS, XS Max, XR, iPhone 11 series, iPhone SE (2nd gen), iPad Air (3rd gen), iPad (8th and 9th gen), iPad mini (5th gen), Apple TV 4K (2nd gen), and the Studio Display. Additionally, the Apple Watch Series 4, Series 5, Apple Watch SE (1st gen), and HomePod mini are susceptible due to their S4 and S5 chipsets.
How does the usbliter8 exploit work?
The exploit functions by triggering a buffer underflow within the Synopsys DWC2 USB controller, a hardware component integrated into the affected chips. By sending a precise sequence of small data packets, attackers can manipulate a hardware pointer to gain write access to protected memory areas. For A12 chips, researchers report that code execution is achieved by overwriting the Link Register on the stack. The A13 implementation is more complex, requiring heap manipulation and the circumvention of Pointer Authentication Codes (PAC) through precise Direct Memory Access (DMA) timing.
Why is this vulnerability different from past security flaws?
Unlike standard iOS vulnerabilities that Apple can resolve with a firmware patch, usbliter8 is rooted in the physical architecture of the SecureROM. Industry observers noted on June 19, 2026, that this is the first non-patchable BootROM flaw for Apple mobile devices in roughly six years. While older chips like the A11 remain unaffected due to different USB driver configurations, and newer chips like the A14 utilize updated Device Address Resolution Table (DART) settings, the devices in the middle remain permanently exposed to anyone with physical access.
Did you know?
This exploit is not persistent. If a compromised device is rebooted, the system returns to its original state. To run unsignated code again, an attacker would need to re-perform the physical exploit sequence using a microcontroller.

What are the risks to user data?
While the exploit compromises the boot chain of the primary application processor, it does not provide direct access to the Secure Enclave Processor (SEP). The SEP manages sensitive data, including biometric information and encryption keys, which remain isolated. However, Paradigm Shift researchers warned that the ability to execute arbitrary code at the BootROM level creates entirely new, theoretical attack vectors against the SEP that were previously considered impossible.
Frequently Asked Questions
- Can Apple fix this with an update? No. Because the flaw is in the hardware BootROM, it cannot be patched via software.
- Is my data at risk if I don’t give my phone to someone else? No. The exploit requires direct physical access to the device and specific hardware tools like a Raspberry Pi.
- Should I replace my device? Experts suggest that users with high security requirements consider upgrading to devices powered by A14 chips or newer.
Are you concerned about hardware-level security, or do you have experience with mobile forensics? Share your thoughts in the comments below or subscribe to our security newsletter for the latest updates on emerging hardware vulnerabilities.
