Unpatchable Usbliter8 Vulnerability Found on Apple A12 and A13 Chips
The usbliter8 vulnerability is unpatchable because it exploits a hardware bug in the USB controller and specific firmware configuration flaws, meaning affected devices cannot be fixed through software updates.
Reporting from 1 source: GIGAZINE.
European cybersecurity research organization Paradigm Shift has disclosed an unpatchable vulnerability called usbliter8 that affects Apple devices with A12, A13, S4, and S5 chips. The exploit allows arbitrary code execution via USB when a device is in DFU mode, giving an attacker with physical access control over the boot process. The Secure Enclave is not compromised, but the attack surface for compromising it may broaden.
Paradigm Shift, an independent European cybersecurity research organization, disclosed an unpatchable vulnerability called usbliter8 that affects Apple devices with A12, A13, S4, and S5 chips. The exploit sends specially crafted data via USB while the device is in DFU mode, confusing the USB controller and writing data to incorrect memory locations. An attacker with physical access can then control the boot process, execute custom code before iOS loads, bypass signature checks, and boot modified system software.
Devices affected include the iPhone XS series, iPhone 11 series, iPhone XR, iPhone SE (2nd generation), multiple iPad models, Apple Watch Series 4 and 5, Apple Watch SE (1st generation), Apple TV 4K, Apple Studio Display, and HomePod mini. The Secure Enclave is not compromised, so passcodes and encrypted user data remain safe. Paradigm Shift coordinated the announcement with Apple's security team and released a proof-of-concept project on GitHub.
Synthesized by Yomimono from the 1 cited source below, including Japanese-language reporting where cited, then editorially reviewed before publishing.