People generally trust iPhones to be locked down tight. But even Apple’s hardware has cracks, and recent issues like Coruna and DarkSword proved that.
The latest one comes from researchers at Paradigm Shift, who found a flaw called usbliter8. It hits older iPhone models and goes after something most users never think about: the BootROM.
Think of the BootROM as the very first thing that wakes up when you power on your iPhone, before iOS even loads. Its job is to kickstart the boot process and check that everything running next is legitimate.
The catch is that this code lives directly on the chip. Apple can push a software update to fix a bug in iOS, but it can’t rewrite code that’s already baked into hardware sitting in millions of pockets.
How does usbliter8 Exploit work?
Here’s how the researchers say usbliter8 actually works. It targets a weak spot in how older Apple chips handle USB connections right when the phone is starting up.
An attacker sends specially built USB data to the device while it’s booting or sitting in restore mode. That data trips up the USB controller and tricks it into writing information to the wrong spot in memory.
You may also like: iPhone Air vs iPhone 17 Pro: Which Should You Buy in 2026?
Once that happens, the attacker can mess with the startup process itself and slip in code that runs before iOS even has a chance to load properly.
That probably sounds alarming, but there’s a real limit to how worried you need to be. This isn’t something a hacker can pull off through a sketchy website, a text message, or a malicious app. usbliter8 only works if someone has physical USB access to your iPhone, meaning they would need to plug it into a computer or another device first.
Which iPhones Are Vulnerable to usbliter8 Exploit
Here’s the full list of devices at risk. On the iPhone side, this covers anything running an A12 or A13 chip: the iPhone XR, XS, XS Max, the iPhone 11, 11 Pro, 11 Pro Max, and the second-generation iPhone SE.
Apple Watch owners aren’t off the hook either, since the S4 and S5 chips are also affected. That puts the Apple Watch Series 4, Series 5, and the first-generation Apple Watch SE on the list, too.
You may also like: iPhone 17e vs iPhone 17: Full Comparison of Specs, Camera and Price
One small bit of good news is that researchers note that pulling off this exploit is harder on devices running the A13 chip compared to the A12.
Since this flaw sits in the hardware itself, no regular software update can wipe out the risk completely. The safest move is simple: don’t plug older iPhones or Apple Watches into computers, public charging stations, or accessories you don’t fully trust.
If you’re using one of the affected models and security really matters to you, switching to a newer device is honestly the most reliable fix.
