Security researchers have published a checkm8-style unpatchable BootROM exploit targeting Apple iPhones running A12 and A13 chips, including the iPhone XS through iPhone 11 series. Because the vulnerability exists in read-only boot firmware, Apple cannot issue a software patch — the only fix is a hardware replacement. This gives attackers a persistent, low-level foothold on affected devices that survives factory resets and OS reinstalls.

Security Architect’s Take: Audit your mobile device fleet and MDM policies immediately: any corporate-issued or BYOD iPhone with an A12 or A13 chip should be considered untrustworthy for accessing sensitive cloud workloads or acting as an MFA device. Consider accelerating hardware refresh for those devices and enforce conditional access policies that block or flag authentication attempts from potentially compromised endpoints.

Original advisory: Researchers drop checkm8-style BootROM exploit for A12 and A13 iPhones

Security researchers have released a working exploit called ‘usbliter8’ that targets a hardware-level vulnerability in Apple’s A12 and A13 chips, achieving arbitrary code execution within the SecureROM — the foundational boot code burned permanently into the silicon. Because the flaw exists in read-only memory, Apple cannot patch it via software updates. The attack requires physical USB access to the device, but any affected device remains permanently vulnerable for its operational lifetime.

Security Architect’s Take: Review your organisation’s mobile device and endpoint policies for any iPhone XS, XR, or equivalent A12/A13-era devices used to access cloud management consoles, VPNs, or sensitive SaaS platforms. Consider accelerating refresh cycles for these devices and enforcing compensating controls such as conditional access policies that factor in device hardware generation.

Original advisory: Unpatchable ‘usbliter8’ Exploit Breaks Apple A12 and A13 SecureROM Boot Chain