Usbliter8 BootROM flaw permanently compromises A12/A13 iPhones via physical USB

The exploit targets SecureROM, the immutable first-stage bootloader in Apple SoCs from 2018-2019. Attackers connect a microcontroller such as Raspberry Pi Pico 2 and send crafted USB setup packets that trigger an out-of-bounds write, overwriting memory to bypass signature checks before the OS loads. This grants full processor control and the ability to load unsigned firmware or downgrade security settings. SEP remains untouched, limiting direct data extraction but opening secondary vectors against the enclave.

The disclosure follows the Checkm8 pattern from 2019, where similar immutable silicon flaws affected earlier A5-A11 devices and enabled persistent jailbreaks and forensic tools. Procurement records show law-enforcement and intelligence agencies have funded physical-access toolchains for exactly these chip generations. Paradigm Shift released PoC code after notifying Apple, which issued no public statement.

Independent technical confirmation rests on the released proof-of-concept rather than vendor acknowledgment. Official silence mirrors prior hardware-class disclosures where Apple treats BootROM issues as unpatchable. The flaw underscores that mobile secure boot chains remain brittle when early silicon stages contain unfixable configuration weaknesses.

Forensic vendors are positioned to integrate the technique rapidly. Expect expanded physical extraction capabilities against mid-generation iPhones within contracted tool suites, increasing targeted device seizures by state actors.