A company that sells hacking tools to government agencies has published details of a chip-level flaw in older Apple devices, and it is the kind of bug that Apple cannot patch. The vulnerability, nicknamed “usbliter8,” sits inside the Boot ROM of iPhones powered by Apple’s A12 and A13 chips. That covers devices released between 2018 and 2019, including the iPhone XS, XR, and iPhone 11.
According to TechCrunch, Paradigm Shift, an offensive cybersecurity company based in Barcelona, published a blog post about the flaw on Friday alongside a proof-of-concept exploit. The company warned that “as these vulnerabilities reside in immutable code, affected users should be aware that migrating to newer hardware remains the most effective mitigation.” In plain terms, because the Boot ROM is burned directly into the chip, no software update can touch it.
This does not mean older iPhones are suddenly easy targets for anyone with a USB cable. But for skilled researchers, government agencies, and the contractors who supply them with tools, this disclosure is significant. It hands them a documented starting point, one that could be combined with other vulnerabilities to build a full iPhone jailbreak or a working extraction tool.
The Boot ROM is the first piece of code that runs when an iPhone powers on. It is also the first line of defense. Any hacker wanting physical access to an iPhone’s data needs to get past it first. usbliter8, which requires a physical cable connection to the target device, potentially allows attackers to do exactly that, bypassing further security checks that would otherwise stop them cold.
This matters because companies like Cellebrite and Magnet Forensics, which sell phone-cracking systems to law enforcement, almost certainly have similar techniques already in their toolkits. What changes with a public disclosure like this is access. Researchers who previously lacked a Boot ROM entry point now have one. That opens up the research path that leads to jailbreaks, the kind of deep system access that lets someone strip away Apple’s restrictions entirely and probe what lies underneath.
Public iPhone jailbreaks were fairly common a decade ago but have become rare since. The reason is partly economic. Researchers who find valuable iOS flaws have little reason to share them. Publishing a vulnerability means Apple patches it, which wipes out months or years of work. The incentives push toward selling discoveries privately, often to governments or brokers who traffic in zero-day exploits.
Paradigm Shift sits squarely in that world. The company sells offensive tools to government clients, which makes the decision to publish usbliter8 publicly an unusual one. It is not clear what motivated the release. Paradigm Shift did not respond to questions about the vulnerability or its decision to go public with it. What is clear is that the disclosure serves as a reminder that even Apple’s hardware, widely considered among the hardest to break into, is not free from permanent, unfixable weaknesses. Older hardware, by definition, never gets a second chance once a flaw like this surfaces.