The researchers of Paradigm shift has published an extensive report detailing the inherent security flaw present in some Apple devices. The security issue affects USB and several Apple silicon chips and is called “usbliter8”.
The usbliter8 exploit affects all devices using A12, A13, S4, and S5 chips. That means iPhone XR, iPhone These device owners should be on the lookout and here’s why.
The exploit revolves around a USB-specific hardware bug and a specific configuration flaw in the device’s firmware, which makes the exploit unpatchable. The good news is that attackers need to have the device on hand to exploit the bug.
In DFU mode, you can send specific data to the device via USB, confusing the USB controller and forcing it to write data to the wrong part of memory, effectively injecting custom code before iOS even boots. This way you can bypass signature checks, run modified system software, etc.
Fortunately, the exploit does not affect the device’s security enclave, where encrypted data, such as passcodes and other sensitive user data, resides.
And now? The researchers said that Apple has worked closely with them to fix the problem, but it ultimately boils down to upgrading the device with a newer one as the most effective way to ensure your data remains safe if someone steals your phone. Interestingly, for example, the bug does not affect older devices running A11.
Start a new Thread