BootROM USB exploit risks A12, S4/S5 and A13 devices
🔒 Paradigm Shift disclosed a BootROM vulnerability named usbliter8 that enables physical attackers to compromise the boot chain on Apple A12, S4/S5 and A13 SoCs. The flaw combines a hardware issue in the Synopsys DesignWare USB controller with a SecureROM firmware configuration error, creating a DMA underflow that can overwrite SecureROM SRAM. Exploitation requires DFU mode and specific microcontroller hardware, limiting remote abuse but posing risk to seized or unattended devices.
