Older iPhones hit by unpatchable BootROM flaw

iPhone BootROM flaw disclosures show some A12- and A13-era Apple devices cannot be fully fixed in software after physical-access attacks.

By Reza Khalil

Researchers who publish at ps.tc have disclosed usbliter8, a BootROM exploit chain affecting older Apple devices built around A12- and A13-generation silicon. At issue is SecureROM, the code burned into the chip at manufacture. Apple can add protections later in the boot process, but it cannot rewrite that code through a normal iOS or iPadOS update. Their write-up says the attack requires physical access, putting it closer to a seized or stolen device scenario than a remote compromise.

According to the disclosure, affected hardware includes devices using A12, A13 and Apple Watch S4 and S5 chips. A14 and later parts appear to be configured correctly in SecureROM, the researchers said. 9to5Mac reported that A11 and earlier hardware was already exposed to the separate BootROM exploit checkm8. That places usbliter8 in an awkward middle: devices old enough to be common in second-hand sales and workplace fleets, but not so old that every owner has moved on.

Mitigation is the hard part. For affected users, the team said “migrating to newer hardware remains the most effective mitigation” rather than waiting for a complete software fix. Publishing the proof of concept, it said, was meant to document the real-world impact of hardware vulnerabilities, because BootROM flaws sit below the software layer Apple usually patches quickly.

Apple Product Security coordinated the disclosure process, according to the researchers. In comments quoted by 9to5Mac, the team praised Apple’s “prompt response, constructive engagement, and cooperation throughout”. Still, the technical limit matters: once vulnerable SecureROM code is fused into the chip, Apple can harden later stages of the boot chain but cannot rewrite the BootROM on devices already in use. AppleInsider separately described the issue as an unpatchable SecureROM vulnerability affecting A12- and A13-based devices.

What it means for older iPhone owners

Australian users should read the disclosure as a device-handling risk, not a warning about mass online compromise. Physical possession is the key condition: a seized phone, a stolen handset, a device left unattended, or hardware sent into a lab or forensic setting. Short-term steps remain plain enough. Keep software current, use a strong passcode, limit access to the device and, where older A12- or A13-based hardware is still in service, treat replacement timing as a security question as well as a performance one.

One lesson is about the edge of Apple’s patch model. Fast software updates still matter for most iPhone flaws. BootROM bugs are different because the vulnerable code is embedded in silicon. Organisations still carrying older iPhones or iPads in test pools, field fleets or kiosk deployments have a less tidy problem: some hardware risks age with the device and eventually have to be retired with it.

Reza Khalil

Cybersecurity reporter covering breaches, threat intel, and the ACSC beat. Former incident responder. Reports from Canberra.
