New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones

Brownie2019

Mar 9, 2019
The vulnerability exploited by the Usbliter8 exploit cannot be patched and a PoC exploit has been released by researchers.
European cybersecurity research firm Paradigm Shift has disclosed details of a new BootROM exploit that affects millions of iPhones and cannot be patched with a software update.

Dubbed Usbliter8, the exploit targets Apple’s SecureROM. Baked permanently into the device’s SoC, SecureROM is the first code an iPhone runs on startup and the foundation of Apple’s entire secure boot chain.

Usbliter8 chains a USB controller bug and a device firmware configuration weakness. The exploit, which requires physical USB access to the targeted device, works against iPhones with A12 and A13 chips — including iPhone XS, XR, and 11 — and Apple Watches with S4 and S5 chips. It’s worth noting that the affected chips were released in 2018 and 2019.

Conducting a Usbliter8 attack involves the attacker connecting a special USB device (e.g., a Raspberry Pi Pico 2 or similar microcontroller board) to the targeted iPhone and sending it crafted USB setup packets.

The attack triggers an out-of-bounds write, allowing the attacker to overwrite critical data in memory and ultimately take control of the processor, escalate privileges, and execute arbitrary code with full system privileges.
This type of report is essentially describing a “BootROM/SecureROM” class exploit, similar in spirit to older iPhone BootROM issues (for example, checkm8): it targets code that is burned into the chip and therefore can’t be fully fixed on already-shipped devices via a normal iOS update.

What “cannot be patched” actually means
SecureROM/BootROM lives in read-only memory inside the SoC. If the vulnerability is in that ROM code (or in very early boot components tightly coupled to it), Apple cannot replace it on devices already in users’ hands.

What Apple can still do (and often does) is reduce real-world impact with software/firmware mitigations, for example:
  • Hardening later boot stages so BootROM code execution doesn’t easily turn into a persistent compromise
  • Improving USB handling and “locked device” behavior in iOS (even if the underlying ROM bug remains)
  • Changing behavior on newer hardware revisions (fixed in new chip/board spins)

Practical risk and threat model
Based on what you quoted, the attack requires physical USB access to the device. That typically puts it in a “highly targeted / device seizure / forensics / evil-maid” category rather than a mass-remote compromise.

Important real-world constraints often apply with BootROM-style exploits (exact details vary and I can’t verify the full technical limitations for Usbliter8 from the article alone):
  • Physical possession and time with the device is usually required
  • A passcode still matters a lot; many post-exploitation actions still run into Data Protection / SEP / keybag boundaries
  • “Full system privileges” at the processor level does not automatically mean the attacker can decrypt all user data without the passcode

What iPhone XS/XR/11 (A12/A13) owners should do
Even if the ROM bug can’t be removed, you can lower the likelihood and usefulness of a physical USB attack:

  • Keep iOS updated. Mitigations and USB/lock-screen hardening are delivered via updates even when the ROM bug remains.
  • Use a strong passcode (preferably alphanumeric) and avoid 4-digit/6-digit if you’re concerned about targeted physical attacks.
  • Enable “USB Restricted Mode” (it is enabled by default on modern iOS versions, but verify). This reduces what can talk to the phone over USB while locked.
  • Don’t leave the device unattended or allow unknown USB accessories/cables. Avoid public charging ports; use your own charger or a trusted power-only adapter.
  • For higher-risk users (journalists, activists, executives), consider Lockdown Mode (it’s designed to reduce attack surface against targeted threats, even though it’s not a “BootROM fix”).
  • Maintain encrypted backups (Finder/iTunes encrypted backup or iCloud with strong account security) so you can wipe and restore if the device is lost or seized.

For organizations
  • Use MDM to enforce strong passcodes and short auto-lock
  • Train users on “no unknown cables/accessories” and public charging hygiene
  • Treat lost devices as potentially exposed; rotate credentials/tokens tied to the device and revoke sessions where possible

Key takeaway
A BootROM exploit being “unpatchable” is meaningful, but the requirement for physical USB access typically keeps this in a targeted-attacker lane; strong passcodes, locked-device USB restrictions, and good physical security remain the most effective mitigations.
