Researchers at the cybersecurity firm Paradigm Shift have identified a permanent, unpatchable vulnerability in the SecureROM of older Apple devices, including those powered by A12 and A13 chips. Because the flaw exists in immutable code embedded directly into the hardware, Apple cannot issue a software update to fix it, leaving affected iPhones, iPads, and Apple Watches permanently susceptible to unauthorized boot-process overrides.
Which devices are affected by the SecureROM flaw?
The vulnerability, dubbed “usbliter8” by Paradigm Shift, specifically impacts hardware utilizing A12 and A13 chips, alongside S4 and S5 processors found in wearable tech. According to reporting from AppleInsider, the list of affected devices is extensive:
- iPhones: Models utilizing the A12 and A13 Bionic chips.
- iPads: Eighth- and ninth-generation iPad, third-generation iPad Air, fifth-generation iPad Mini, and multiple iterations of the 11-inch and 12.9-inch iPad Pro.
- Wearables: First-generation Apple Watch SE, and Apple Watch Series 4 and 5.
Paradigm Shift also noted that while exploit support for the A12X and A12Z chips (found in 2018 and 2019 iPad Pro models) is theoretically possible, it has not yet been implemented, leaving those devices similarly exposed.
Because the vulnerability resides in SecureROM, the read-only memory whose code runs when you turn your device on, it is physically impossible for Apple to push a patch via iOS updates. The code is hard-wired into the silicon.
How does the usbliter8 exploit work?
The exploit requires physical access to the device to function. According to the Paradigm Shift blog, attackers leverage flaws within the USB controller and the device firmware to intercept the boot process. By overriding the startup sequence before iOS loads, an attacker can theoretically run unauthorized software or gain access to the Secure Enclave Processor, which manages sensitive data like passcodes and encrypted credentials.

What are the risks for long-term device security?
The primary risk is the loss of hardware-level integrity. Since the vulnerability is tied to the physical chip, it cannot be mitigated through standard security updates. Paradigm Shift explicitly advises that “migrating to newer hardware remains the most effective mitigation” for users concerned about the exploit. Unlike software-based bugs that Apple can patch with a simple system update, this issue represents a permanent hardware-level weakness that will persist for the lifespan of the device.
If you are using an older device listed above, avoid leaving it unattended in public spaces or with untrusted individuals. Because the exploit requires physical access, your device remains protected from it as long as you maintain physical control of the device.
Frequently Asked Questions
Can Apple fix this with an iOS update?
No. According to Paradigm Shift, the vulnerability exists in immutable code embedded in the hardware chips. Apple cannot extract or rewrite this code.
Is my iPhone currently being hacked?
The exploit requires physical access to your device. There is no evidence that this can be triggered remotely over the air.
What should I do if I own an affected device?
Paradigm Shift recommends moving to newer hardware if you require high-level security. For most users, maintaining physical possession of the device is the best defense.
Does this affect the latest iPhone models?
No. The vulnerability is limited to specific older chipsets, primarily the A12 and A13 series, as well as the S4 and S5 series.
