Researchers at Paradigm Shift published an extensive report detailing an inherent security flaw in some of Apple’s devices. The issue, called “usbliter8”, involves USB and several Apple silicon chips.
The usbliter8 exploit affects all devices running on A12, A13, S4 and S5 chips. That means iPhone XR, iPhone XS/XS Max, iPad Air 3, iPad mini 5, iPad 8, second-gen Apple TV 4K, iPhone 11, 11 Pro/11 Pro Max, iPhone SE, iPad 9, Studio Display, Apple Watch Series 4, Series 5 and Apple Watch SE. Owners of these devices should be on the lookout, and here’s why.
The exploit combines a USB-specific hardware bug with a specific configuration flaw in the device’s firmware, which makes it unpatchable. The good news is that attackers need physical access to the device in order to exploit the bug.
While the device is in DFU mode, an attacker can send specific data to it over USB, confusing the USB controller and forcing it to write data to the wrong part of memory, effectively injecting custom code before iOS even boots. This makes it possible to bypass signature checks, run modified system software, and so on.
Luckily, the exploit doesn’t affect the device’s Secure Enclave, where encrypted data such as passcodes and other sensitive user data resides.
So what now? The researchers said that Apple worked closely with them to resolve the issue, but in the end, replacing the device with a newer one is the most effective way to ensure your data remains safe if someone steals your handset. Interestingly, the bug doesn’t affect older devices, such as those running the A11.


