

Security research firm Paradigm Shift today published details of a new BootROM vulnerability affecting Apple's A12 and A13 chips, along with a working proof-of-concept exploit named "usbliter8."


The BootROM, or SecureROM, is the first code an iPhone runs when it powers on. Because it is baked directly into the chip at manufacture, any vulnerability found there cannot be fixed with a software update, meaning affected devices will remain vulnerable for the rest of their lives.

The last publicly known BootROM exploit of this kind was "checkm8," released in 2019, which affected devices from the iPhone 4S through to the iPhone X. usbliter8 now extends that history to the next generation of chips, covering the iPhone XS through to the iPhone 11 series.

The exploit works by taking advantage of a bug in the USB controller built into Apple's chips. When an iPhone receives USB data during startup, the controller uses a memory buffer to store incoming packets. Paradigm Shift found that by sending a specific sequence of unusually small packets, they could manipulate an internal hardware pointer in a way that causes it to walk backwards through memory, allowing data to be written to locations it should never reach. The researchers say this appears to be a bug in the USB controller hardware itself, not in Apple's software.

The A11 chip, used in the iPhone X, is not affected because its USB driver manually resets the pointer after each packet. A14 and later chips are also safe, as they configure a memory protection feature correctly at the BootROM level. The A12 and A13 sit in a vulnerable middle ground between the two.

On A12 devices, gaining code execution is relatively straightforward. On A13 devices, things are considerably harder because Apple introduced a security feature called Pointer Authentication Codes (PAC), which detects and blocks certain types of memory tampering. Paradigm Shift says working around PAC on the A13 required a lengthy multi-step process before the researchers could finally take control of the processor.

Once in control, the exploit installs a custom handler that survives a device restart and adds two capabilities: temporarily lowering the device's security settings, and booting unsigned software without any verification checks. It also injects the traditional "PWND" string into the iPhone's USB serial number as a signal that the device has been compromised, a convention that carries over from checkm8 and earlier exploits.
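The article notes that the exploit marks a compromised device by placing the string "PWND" in its USB serial number. As an added example, written for this page and not code from the article or from Paradigm Shift, the following Python check parses the text that `system_profiler SPUSBDataType` prints on macOS and flags any attached device whose serial carries that marker. The report text is constructed for the example; the DFU serial layout and the `PWND:[usbliter8]` token are assumptions modelled on the checkm8 convention the article refers to, not a format taken from the write-up.

```python
import re
import subprocess
import sys

# Constructed sample in the style of `system_profiler SPUSBDataType` output.
# Serial strings are made up. Vendor/product id 05ac:1227 is Apple's DFU-mode
# identity; the "PWND:[usbliter8]" token is an ASSUMED marker format.
SAMPLE_USB_REPORT = """\
USB:

    USB 3.1 Bus:

      Host Controller Driver: AppleT8103USBXHCI

        iPhone:

          Product ID: 0x12a8
          Vendor ID: 0x05ac (Apple Inc.)
          Version: 13.01
          Serial Number: 00008030000A11223344556E
          Speed: Up to 480 Mb/s
          Manufacturer: Apple Inc.
          Location ID: 0x01100000 / 1

        Apple Mobile Device (DFU Mode):

          Product ID: 0x1227
          Vendor ID: 0x05ac (Apple Inc.)
          Version: 0.00
          Serial Number: CPID:8030 CPRV:11 CPFM:03 SCEP:01 BDID:04 ECID:000000DEADBEEF00 IBFL:3C SRTG:[iBoot-0000.0.0.0.0] PWND:[usbliter8]
          Speed: Up to 480 Mb/s
          Manufacturer: Apple Inc.
          Location ID: 0x01200000 / 2
"""

# Whole-word match so an ordinary hex serial cannot trip the check by accident.
PWND_MARKER = re.compile(r"\bPWND\b")
# Assumed "PWND:[name]" shape, following the checkm8 convention.
PWND_TAG = re.compile(r"PWND:\[([^\]]*)\]")


def parse_usb_serials(report: str) -> dict:
    """Map each device's display name to its 'Serial Number:' value.

    A device (or bus) header is a line that ends with ':' and has no 'key: value'
    separator; key/value lines below it belong to that device.
    """
    serials = {}
    current = None
    for raw in report.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith(":") and ": " not in line:
            current = line[:-1]
            continue
        if current and line.startswith("Serial Number:"):
            serials[current] = line.split(":", 1)[1].strip()
    return serials


def find_pwned_devices(report: str) -> list:
    """Return (device name, serial) pairs whose serial carries the PWND marker."""
    return [
        (device, serial)
        for device, serial in parse_usb_serials(report).items()
        if PWND_MARKER.search(serial)
    ]


def pwned_tag(serial: str) -> str:
    """Extract the name inside 'PWND:[...]', or '' if the serial has no such tag."""
    match = PWND_TAG.search(serial)
    return match.group(1) if match else ""


def read_live_report() -> str:
    """Run system_profiler on the local macOS host and return its text output."""
    return subprocess.run(
        ["system_profiler", "SPUSBDataType"], capture_output=True, text=True, check=True
    ).stdout


if __name__ == "__main__":
    # `--live` inspects the real USB tree; otherwise the constructed sample is used.
    report = read_live_report() if "--live" in sys.argv else SAMPLE_USB_REPORT
    hits = find_pwned_devices(report)
    for device, serial in hits:
        print(f"compromise marker on {device!r}: tag={pwned_tag(serial) or '?'}")
    if not hits:
        print("no PWND marker on any attached device")
```

The marker is only an indicator, not proof either way: it is visible only while the device sits in the exploited DFU state, and nothing forces an attacker to leave it in place, so a clean serial does not establish that a device was never compromised. The check is most useful as a quick triage step on a phone that was out of your custody, alongside the update and custody advice elsewhere in this thread.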

Paradigm Shift notes that while usbliter8 does not affect the Secure Enclave directly, a BootROM compromise of this kind opens up wider avenues for attacking it. The firm says it reported its findings to Apple Product Security before publication and worked with Apple on coordinated disclosure. The full proof-of-concept code has been published alongside the write-up at ps.tc.

Article Link: Apple's A12 and A13 Chips Facing New Unpatchable Exploit
Apple is doing it so people can upgrade.

And THAT is a proper drive for sales, dunno why Apple is not actually doing it.
 
That thing will give you brain cancer...
Yet somehow it is normalized in our culture to keep iPhones near our bed when we sleep, wear Apple Watches even when we sleep, keep a whole zoo of WiFi and cellular devices all around, and so on. It is about as harmful as those goofy phones from the 90s. And it is sad that people these days do not care about the effects of radio signals.
 
It is a big deal, because if your phone is lost or is stolen, a malicious person could steal important data on your phone! I don’t want to replace my iPhone SE2, but this exploit gives me pause.
Yup, the safety blanket of knowing no one can do anything with a lost phone is essentially blown away. However, bear in mind your SE2 will get its last update (probably) in September and you shouldn’t be using it unpatched. I love my 13 mini but it’s only about a year behind your SE2 in terms of its resting place in a drawer.
 
Talk about a non-story. At best this is a third-world problem. These are old iPhones and no, hackers cannot use this software bug remotely. The exploit, known as "usbliter8," requires physical possession of the iPhone. It cannot be triggered via a malicious text message, website, or app. At border crossings, if your phone is confiscated you might have a problem. If law enforcement confiscates your iPhone you might have a problem.
 