Two more legacy iPhone processors are affected by latest variation of Apple hardware flaw
The BootROM flaw is embedded in certain Apple A-series application processor chips and the vulnerability cannot be patched.
Two of Apple's legacy A-series iPhone processors have a serious problem. According to security researcher Paradigm Shift, a BootROM vulnerability has affected the A12 Bionic and A13 Bionic application processors. The former SoC powers the 2018 iPhone XR, iPhone XS, and iPhone XS Max. The A13 Bionic powers the iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max, and the iPhone SE (2nd generation).
BootROM flaw affects older Apple A-series application processors
The BootROM, also known as SecureROM, is the first code run by an iPhone when the device is turned on. With most vulnerabilities, Apple would push out a software update that would patch the flaw, hopefully before the problem was exploited by hackers. However, because the flaw in this case is embedded in the chip at the time it is manufactured, there is nothing that Apple can do to patch the vulnerability.
The last BootROM flaw surfaced in 2019 and was called "checkm8"; it impacted the application processor (AP) chips used in the iPhone 4S through the iPhone X. The "usbliter8" vulnerability impacts the APs found in the iPhone XS through the iPhone 11 series.
The BootROM flaw is a USB controller hardware issue and has nothing to do with Apple's software
When an impacted iPhone is booted up, the phone receives USB data in the form of small packets. Like a mailman delivering the mail to individual chipsets, these packets are placed into the memory buffer by the USB controller in the chip.

A bug in the USB controller, discovered by Paradigm Shift, created a situation that allowed unusually small packets, when sent in a specific pattern, to manipulate the internal hardware pointer that keeps track of where the next packet should go. Instead of pointing forward to the next memory buffer to store a packet, the pointer goes backward and data ends up written in areas it should not reach.
Passcodes and encrypted user data are not impacted even when the flaw is exploited
The researchers said that the reaction caused by the bug indicates that the issue is with the USB controller and is not a problem with Apple's software. The usbliter8 flaw will allow someone with an impacted iPhone model in their possession to run their own code before iOS loads, enabling specially modified software to boot up on the phone. The good news is that passcodes and encrypted user data remain secure.
You're not going to like what Paradigm Shift says is the only way around this vulnerability
According to Paradigm Shift, the only way to get around this vulnerability is to upgrade to a newer iPhone model. The A11 AP is safe because the pointer is reset after each packet, and the A14 and later chipsets are also safe because Apple fixed the hardware flaw in later versions of the processor.
The bottom line is that this flaw can trick the iPhone into running unauthorized code. The iPhone models that are vulnerable to the "checkm8" and "usbliter8" variations of the BootROM flaw include:
- iPhone 4S (A5)
- iPhone 5 (A6)
- iPhone 5c (A6)
- iPhone 5s (A7)
- iPhone 6 & 6 Plus (A8)
- iPhone 6s & 6s Plus (A9)
- iPhone SE (1st Generation) (A9)
- iPhone 7 & 7 Plus (A10 Fusion)
- iPhone 8 & 8 Plus (A11 Bionic)
- iPhone X (A11 Bionic)
- iPhone XR (A12 Bionic)
- iPhone XS (A12 Bionic)
- iPhone XS Max (A12 Bionic)
- iPhone 11 (A13 Bionic)
- iPhone 11 Pro (A13 Bionic)
- iPhone 11 Pro Max (A13 Bionic)
- iPhone SE (2nd generation) (A13 Bionic)
Before the new "usbliter8" variation of the vulnerability was introduced, the flaw wasn't seen impacting any version of the iPhone after the iPhone X, which was released in 2017. Paradigm Shift's new report extends impacted iPhone models to 2019's iPhone 11 series and the second-generation iPhone SE.