Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

Researchers at Paradigm Shift published usbliter8, a working exploit that achieves arbitrary code execution in the SecureROM of Apple A12 and A13 chips through a physical DFU-mode USB attack. The flaw is permanent on affected devices and extends the same kind of unpatchable risk previously seen with checkm8, impacting devices such as the iPhone XS, iPhone 11, Apple Watch Series 4 and 5, and the HomePod mini.

Key points

  • usbliter8 enables code execution inside Apple’s SecureROM on A12 and A13 chips.
  • The exploit requires physical access, DFU mode, and a USB connection to an RP2350-based board.
  • The root cause is a flaw in the Synopsys DWC2 USB controller and Apple’s DART bypass configuration.
  • A12 devices can be exploited by overwriting memory near the USB task stack, while A13 requires bypassing PAC protections.
  • The exploit can boot unsigned iBoot images and cannot be fixed by a software update.

Read More: https://thehackernews.com/2026/06/unpatchable-usbliter8-exploit-breaks.html