Key facts
- A new vulnerability named 'usbliter8' has been disclosed in Apple's A12 and A13 chips.
- The flaw affects older iPhone models including the XS, XR, and iPhone 11.
- The vulnerability is located in the immutable Boot ROM, making it unpatchable.
- Exploitation requires physical access to the target iPhone.
- This discovery could facilitate the development of iPhone jailbreaks.
A newly disclosed vulnerability in Apple's A12 and A13 chips, dubbed 'usbliter8,' could allow hackers with physical access to unlock older iPhones. The flaw, published by offensive cybersecurity company Paradigm Shift, resides in the iPhone's Boot ROM, which is the initial layer of defense when the device powers on. Because this code is immutable, it cannot be patched, meaning affected users must upgrade to newer hardware for effective mitigation.
The vulnerability requires physical access to the target phone, such as connecting a cable, to be exploited. While this does not mean older iPhones are easily hackable by anyone, it opens the door for sophisticated hackers and government contractors to develop jailbreaks. A jailbreak removes Apple's restrictions on the iOS operating system, potentially allowing access to user data. Companies that specialize in hacking seized devices, like Cellebrite and Magnet Forensics, likely possess similar techniques.