Apple's A12 and A13 Chips Facing New Unpatchable Exploit
Key Points:
- Security research firm Paradigm Shift disclosed a new BootROM vulnerability affecting Apple's A12 and A13 chips, along with a proof-of-concept exploit called "usbliter8."
- The BootROM is immutable code baked into the chip, meaning affected devices cannot be patched via software updates and remain vulnerable indefinitely.
- The exploit leverages a hardware bug in the USB controller that allows memory corruption by sending specific USB packets during startup, enabling code execution on vulnerable devices.
- The A11 chip and chips from the A14 onwards are not affected due to different security implementations, placing the A12 and A13 chips in a vulnerable middle ground.
- Once exploited, the vulnerability allows lowering device security settings and booting unsigned software. The exploit signals compromised devices via a "PWND" USB serial number tag.
- Paradigm Shift coordinated disclosure with Apple prior to public release.