world
Researchers Disclose Hardware Flaw in Older iPhones, iPads and Watches Requiring Physical Access
Cybersecurity researchers disclosed a hardware vulnerability that cannot be patched through software updates. The flaw requires physical access and affects devices with A12, A13, S4 and S5 chips.
foxnews.comAudio version
Tap play to generate a narrated version.
Developing·Limited corroboration so far. This page will refresh as more sources emerge.
Cybersecurity researchers at Paradigm Shift identified an unfixable hardware vulnerability in older Apple devices that allows attackers with physical access to override the startup process and jailbreak the device before iOS loads. The flaw, named usbliter8, resides in the USB controller and firmware. Paradigm Shift notified Apple Product Security before publishing details in a blog post.
The vulnerability affects iPhone models with A12 and A13 chips: iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max, iPhone SE (2nd generation), iPhone XR, iPhone XS and iPhone XS Max. 9-inch iPad Pro, 1st generation Apple Watch SE, Apple Watch Series 4 and Apple Watch Series 5. “Vulnerabilities at this level can compromise the integrity of the entire device,” Paradigm Shift stated in its blog post.
Exploitation can allow attackers to run unauthorized software or extract sensitive information. Because the flaw is in hardware design rather than software, Apple cannot issue a software update to address it. Attackers require physical access to exploit the vulnerability; remote attacks are not possible.
Stolen or confiscated devices remain susceptible. com reported the disclosure.
