Bootrom

🔴 Critical | Source: The Register — Security Security researchers have published a checkm8-style unpatchable BootROM exploit targeting Apple iPhones running A12 and A13 chips, including the iPhone XS through iPhone 11 series. Because the vulnerability exists in read-only boot firmware, Apple cannot issue a software patch — the only fix is a hardware replacement. This gives attackers a persistent, low-level foothold on affected devices that survives factory resets and OS reinstalls. ...

🟠 High | Source: The Hacker News Security researchers have released a working exploit called ‘usbliter8’ that targets a hardware-level vulnerability in Apple’s A12 and A13 chips, achieving arbitrary code execution within the SecureROM — the foundational boot code burned permanently into the silicon. Because the flaw exists in read-only memory, Apple cannot patch it via software updates. The attack requires physical USB access to the device, but any affected device remains permanently vulnerable for its operational lifetime. ...