Apple Chip Flaw usbliter8: What We Know
A Barcelona security firm published usbliter8, an unpatchable Boot ROM flaw in Apple A12 and A13 chips that reopens the door to iPhone jailbreaks.
Founder & Lead Technician
Quick answer
Paradigm Shift, a Barcelona offensive security firm, published usbliter8, an unpatchable Boot ROM flaw in Apple A12 and A13 chips. It affects the iPhone XS, XR and 11, needs physical access, and reopens the path to an iPhone jailbreak.
A permanent crack appears in the iPhone armor
A newly disclosed flaw in Apple silicon has reopened one of the oldest doors in mobile security: the iPhone jailbreak. On Friday, June 22, 2026, the Barcelona-based offensive security company Paradigm Shift published details of a vulnerability it calls usbliter8, along with a working proof of concept showing how to exploit it.
The reason this is trending is simple and uncomfortable: the flaw cannot be patched. It lives in the chip itself, in code Apple physically burned in at manufacture, so no software update will ever close it.
The exploit affects iPhones built around Apple A12 and A13 chips, released in 2018 and 2019. That puts the iPhone XS, XR, and models up to the iPhone 11 squarely in scope.
What usbliter8 actually targets
The bug sits in the Boot ROM, the very first piece of code that runs the moment an iPhone powers on. Think of it as the device shaking hands with itself before anything else loads. Because it runs first, it is also the phone first line of defense, the gatekeeper that verifies everything that comes after it.
That is exactly why a Boot ROM flaw matters so much. Beat the gatekeeper, and the security checks stacked behind it start to wobble.
Here is the mechanical chain in plain terms:
- An attacker needs physical access to the target iPhone, specifically the ability to connect a cable to it.
- They use usbliter8 to exploit the Boot ROM during the early startup sequence.
- With that foothold, they can potentially defeat and bypass the further security checks that normally protect the system.
What usbliter8 does not do is hand anyone instant access to your photos and messages. By itself it is a foothold, not a full break-in. To actually reach the user data on a locked device, an attacker would still need to chain usbliter8 together with additional vulnerabilities.
Why it cannot be fixed
Most security flaws get a patch within days or weeks. This one will not, and the explanation is in the hardware.
The Boot ROM is read-only memory etched into the chip at the factory. Once it ships, that code is frozen. Apple cannot rewrite it, and neither can you.
Paradigm Shift put it bluntly in its disclosure: because these vulnerabilities reside in immutable code, affected users should know that migrating to newer hardware remains the most effective mitigation. In other words, if you are worried, the only real fix is a newer iPhone.
This is the same structural weakness that made the older checkm8 exploit so durable years ago. Hardware-level flaws do not expire on Apple schedule; they expire when the affected devices age out of use.
How worried should owners of older iPhones be?
Release of usbliter8 is a big deal inside the security and spyware-tooling world. It is not, however, a signal that older iPhones are suddenly easy for anyone to crack.
The physical-access requirement is the key limiter. A stranger cannot reach across the internet and trigger this. They would need your specific phone in hand and a cable connection, plus more exploits to finish the job.
| Factor | Detail |
|---|---|
| Affected chips | Apple A12 and A13 |
| Affected models | iPhone XS, XR, up to iPhone 11 |
| Access required | Physical, via cable connection |
| Patchable | No, flaw is in immutable Boot ROM |
| Best mitigation | Move to newer hardware |
For most people carrying one of these devices, the realistic risk is not random hacking but targeted physical access, the kind of scenario that matters most to journalists, activists, and anyone whose device might be seized.
Who this really empowers
The companies that build systems to crack seized iPhones, names like Cellebrite and Magnet Forensics, generally already have techniques similar to usbliter8 in their arsenals. A public release does not necessarily hand them new power.
The bigger shift is for independent researchers. A public Boot ROM exploit is often the first rung on the ladder: jailbreak the device, then probe for deeper flaws. Public iPhone jailbreaks were common a decade ago but have grown rare, partly because researchers who find valuable iOS bugs have little incentive to publish. Going public just gets the flaw fixed and sets them back.
By releasing usbliter8 openly, Paradigm Shift lowers the barrier for other researchers to start chaining exploits together, for better or worse.
What happens next over the coming 24 to 72 hours
Expect the security community to move fast. In the immediate window, watch for these developments:
- Independent researchers will begin validating the proof of concept and testing it against the named A12 and A13 devices to confirm reliability.
- Discussion will turn to chaining, as people probe what additional vulnerabilities could pair with usbliter8 to reach a full jailbreak or data extraction.
- Forensics and spyware vendors will quietly assess whether the public details change anything in their existing toolchains.
- Apple, which has not commented in the initial reporting, may be pressed for a response, though a hardware fix is off the table for affected models.
Paradigm Shift did not respond to questions about usbliter8 in the initial reporting, so several specifics remain open, including how broadly the technique has been tested and what exact follow-on exploits it might enable.
The practical takeaway
If you rely on an iPhone XS, XR, or 11 for anything sensitive, treat physical control of the device as your real security boundary. No update is coming to close this gap. The durable fix, uncomfortable as it sounds, is newer hardware.
Source: TechCrunch
Frequently asked questions
Which iPhones does usbliter8 affect?+
The flaw affects iPhones running Apple A12 and A13 chips, released in 2018 and 2019. That covers older models including the iPhone XS, XR, and up to the iPhone 11. Newer iPhones with later chips are not named in the disclosure.
Can Apple patch the usbliter8 flaw?+
No. The bug sits in the Boot ROM, the first code an iPhone runs at startup, which is burned permanently into the chip. Because that code is immutable, the flaw cannot be fixed with a software update. Paradigm Shift says moving to newer hardware is the most effective mitigation.
Can someone hack my iPhone remotely with usbliter8?+
No. The published exploit requires physical access to the device, meaning the attacker must be able to connect a cable to it. On its own usbliter8 is not a full remote hack; attackers would need to chain it with other vulnerabilities to reach user data.
Founder & Lead Technician
Harjindar founded Ask Technicians to cut through bad tech advice. He writes hands-on troubleshooting guides drawn from years of real-world repair and support work.
Related guides
Tata Electronics Data Breach: What We Know
Tata Electronics, an Apple and Tesla supplier, confirmed a cyber incident after 630GB of alleged data surfaced on a hacker forum. Here is what is at stake.
OpenAI Patch the Planet: Securing Open Source
OpenAI and Trail of Bits launch Patch the Planet to help open-source maintainers find and fix security bugs using AI tools like Codex Security.
Anthropic May Ask Claude Users to Verify ID
Anthropic's updated privacy policy says Claude may ask flagged users to upload a government ID and a selfie. Here is who is affected and why it matters.
AI Tech Layoffs 2026: What We Know So Far
Oracle cut 21,000 jobs and named AI as a factor, the latest in a 2026 wave of tech layoffs where companies post record revenue while citing AI for the cuts.