Vulnerability in iPhones with A12 and A13 processors
In June 2026, a cybersecurity discovery affecting certain iPhone models equipped with A12 and A13 processors was made public. The incident occurred when researchers at Paradigm Shift identified and disclosed a vulnerability in the BootROM or SecureROM of these chips, a component that forms part of the device’s boot chain. Before publishing the technical details, the researchers notified Apple’s security team of their discovery, following the standard responsible disclosure procedure. The vulnerability was described as a hardware flaw, that is, a feature inherent to the chip’s design rather than a problem introduced by a specific version of the operating system. Due to this nature, the incident is classified as a low-level vulnerability, the existence of which was confirmed following the publication of the technical report by the researchers.
The research describes an exploit known as usbliter8, which allows the vulnerability to be exploited to compromise the boot chain of affected devices under certain conditions. According to the technical report, the attack requires physical access to the iPhone, connecting it via USB and putting it into DFU mode; it cannot therefore be exploited remotely via the internet. The affected devices are models with A12 and A13 processors, whilst later generations incorporate a different hardware design that does not have this specific issue. As this is a fault residing in the BootROM, Apple has not announced a software update to fix it, as this type of component cannot be modified via an iOS update. The company had already introduced hardware changes in later generations of its processors to prevent this vulnerability.
At present, the current status of the issue is that of a known, documented and publicly disclosed vulnerability, the existence of which has been acknowledged following prior notification to the manufacturer, and the mitigation of which relies on hardware improvements implemented in the latest generations of devices.
-
23/06/2026www.europapress.es
-
23/06/2026www.menorca.info



