Skip to main content
  1. Home
  2. Phones
  3. News

Your old iPhone may have a security flaw Apple can’t fix

Security researchers find a new BootROM exploit affecting iPhones with A12 and A13 chips

By
Add as a preferred source on Google
iPhone 11 Pro in hand
Apple iPhone 11 Pro Andy Boxall / Digital Trends

iPhones are widely seen as some of the most secure smartphones for everyday users. Still, Apple devices are not immune to serious security flaws, as recent threats like Coruna and DarkSword have shown. Now, security researchers at Paradigm Shift have detailed a different kind of exploit called usbliter8, which affects some older iPhones and targets a deep part of Apple’s startup process known as the BootROM.

The BootROM is the basic startup code that runs before iOS loads. It helps the iPhone begin the boot process and verify what should run next. Because it is built into the chip itself, it is much harder to fix than a normal iOS bug. Apple can usually patch software flaws through an update, but it cannot rewrite BootROM code on devices that have already shipped.

How does the exploit work?

According to the researchers, usbliter8 takes advantage of a weakness in the iPhone’s USB hardware and the way some older Apple chips handle USB data during startup. In simple terms, an attacker could send specially crafted USB data while the phone is starting up or in a restore mode. That can confuse the USB controller and cause data to be written to the wrong place in memory. From there, the exploit can interfere with the boot process and run unauthorized code before iOS has fully loaded.

iPhone 11
Julian Chokkattu / Digital Trends

That sounds serious, but there is an important limit. This is not a remote attack that can reach your iPhone through a website, text message, or app. It requires USB access, which means the iPhone would need to be connected to a computer or another USB device.

Which iPhones are affected?

The exploit affects Apple devices using A12 and A13 chips as well as Apple’s S4 and S5 smartwatch chips. For iPhone users, that includes the iPhone XR, iPhone XS, iPhone XS Max, iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max, and the second-generation iPhone SE. For Apple Watch users, the affected models include the Apple Watch Series 4, Apple Watch Series 5, and the first-generation Apple Watch SE. Researchers do mention that the exploit is trickier to execute on devices with A13 chips.

Someone wearing an Apple Watch Series 5 on their wrist.
Andy Boxall / Digital Trends

Because this is a hardware-level issue, there is no normal software update that can completely remove the risk. A good rule is to avoid connecting older iPhones or Apple Watches to unknown computers, public USB ports, or untrusted accessories. If you own one of the affected models and security is a serious concern, moving to a newer device may offer the most peace of mind.

Sudhanshu Kumar Mangalam
Sudhanshu Kumar Mangalam
Contributor
I’ve got about 4 years of experience, mostly covering gaming, PC hardware, and smartphones. In my free time, I like…
Topics
The Galaxy S27 Pro might borrow the Ultra’s best screen trick
A new leak suggests Samsung is testing the Galaxy S26 Ultra's screen privacy feature for next year's Galaxy S27 Pro.
Samsung Galaxy S26 Ultra smartphone in blue color.

Samsung may extend the Galaxy S26 Ultra's screen privacy trick to more models next year. A new leak claims that the upcoming Galaxy S27 Pro might also offer Privacy Display to help users keep their screen away from prying eyes.

What the leak claims

Read more
I’ve used Apple gear for years, and right now is the best time to buy from the used shelf
With iPhone prices about to climb, buying from the used market makes more sense now than ever.
The iPhone 14 Pro held in a mans hand showing the screen.

Apple is preparing to raise iPhone prices in the coming months. CEO Tim Cook told The Wall Street Journal this week that climbing memory costs, driven by AI's demand for the same chips, have made the move necessary. For years, Apple managed to keep sticker prices steady, likely by absorbing some of the rising component costs on its own, but that cushion now appears to be gone. Having bought and used Apple products for years myself, I think this is the right moment to stop holding out for the newest release and start browsing the used shelf instead.

The savings add up fast

Read more
Apple has a stacked product lineup slated for later this year
Electronics, Phone, Mobile Phone

Apple has spent much of the past year playing catch-up in the AI conversation, but if a new report is accurate, the company is preparing to remind everyone that it still knows how to ship hardware. According to Bloomberg’s Mark Gurman, Apple has an unusually ambitious product roadmap stretching across late 2026 and 2027. While annual iPhone refreshes are nothing new, the list of devices in development reads like a company trying to reinvent multiple product categories at once. And honestly? It’s about time.

For years, Apple’s launches have largely followed a predictable formula: faster chips, slightly better cameras, and incremental refinements to products that already dominate their respective categories. That’s not necessarily a criticism — those products continue to sell incredibly well — but it hasn’t exactly been an exciting era for people hoping to see Apple take bigger swings.

Read more