Security Researchers Find Unfixable Hardware Flaw in Seven iPhone Models. Software Updates Cannot Help.

What the Researchers Found
Paradigm Shift, a European cybersecurity firm, published a detailed technical report on June 19, 2026, disclosing a vulnerability they named usbliter8. According to the firm's blog post, the flaw lives inside the USB controller and BootROM of Apple's A12 and A13 Bionic chips, as well as the S4 and S5 chips used in some iPad and Apple Watch models.
The BootROM — sometimes called SecureROM — is the first code that executes the moment a chip powers on. It is permanently baked into the silicon at the factory. No software update, no matter how comprehensive, can rewrite it. That is why Paradigm Shift calls usbliter8 unpatchable.
Paradigm Shift says they flagged the vulnerability to Apple Product Security before publishing.
How the Attack Actually Works
An attacker must first put the target device into DFU mode (Device Firmware Update mode), which requires physical access. From there, according to Paradigm Shift's report as covered by iPhone in Canada, sending a specific sequence of unusually small data packets over USB tricks the chip's internal memory pointer into walking backward through memory. That allows external code to write into protected memory zones before iOS ever finishes booting.
The result: an attacker can bypass Apple's signature verification, load modified system software, and gain deep access to the operating system itself, according to The News International.
One important limit: the attack does NOT touch the Secure Enclave. That is the isolated coprocessor that handles encrypted data, passcodes, and biometrics. Passwords and biometric data stay protected even on a successfully exploited device, according to GSMArena's coverage of the Paradigm Shift report.
Which Devices Are Affected
According to AppleInsider, and as confirmed across multiple outlets covering the Paradigm Shift disclosure, the affected devices are:
A12 Bionic: iPhone XS, iPhone XS Max, iPhone XR, iPad Air (3rd generation), iPad mini (5th generation), iPad (8th generation)
A13 Bionic: iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max, iPhone SE (2nd generation), iPad (9th generation)
S4 and S5 chips: Apple Watch Series 4, Apple Watch Series 5, Apple Watch SE (1st generation)
GSMArena's coverage also lists the Apple TV 4K (2nd generation) and Apple Studio Display as affected through the same chipset family.
Notably, the older A11 chip, used in the iPhone X, does NOT share the flaw. iPhone in Canada reported the technical reason: the A11's older USB driver manually resets the memory pointer after every data packet, which closes the opening that usbliter8 exploits. Newer chips are equally unaffected.
The Strongest Counterpoint
The most reasonable pushback is that the practical threat to most users is low. Physical access is a hard requirement. There is no remote exploit, and an attacker cannot send usbliter8 payloads over the internet or through a malicious app. For the vast majority of people who keep their phones on their person, this flaw changes nothing about their day-to-day security posture.
That is a legitimate point. The Secure Enclave protection makes it even harder for a thief to monetize a stolen device through this flaw, since the encrypted credentials stay locked.
The concern is real but narrow. It applies to devices that could end up in the hands of intelligence agencies, law enforcement using forensic tools, or sophisticated thieves, and so to anyone who has reason to believe their device might be confiscated or stolen. For those users, the hardware-level compromise is serious. Modified system software running before iOS boots could theoretically log activity or extract unencrypted files that are open at the time of access.
Apple's Position and the Only Fix
Paradigm Shift confirmed that Apple worked with them on the disclosure, according to GSMArena. Apple has not publicly disputed the findings or the chip list as of June 20, 2026.
The firm's recommendation is blunt: upgrade to newer hardware. It is the only technically accurate answer when the flaw is in the silicon itself.
The NY Post's coverage accurately conveyed the physical-access-only requirement and the hardware nature of the flaw, framing the fix as "purchase a new phone," which is correct but glosses over the fact that most owners of these models face minimal real-world risk. iPhone in Canada provided the clearest technical explanation of the BootROM mechanics, including the specific reason the older A11 chip avoided the flaw.
The Open Question
Apple has not yet responded publicly to Paradigm Shift's report on the question of whether usbliter8 has been observed in active exploitation, as opposed to a controlled lab disclosure. Whether forensic tools already used by law enforcement or state actors incorporate this technique, and have for some time, remains unknown based on the current source set.
Sources used for this briefing
This briefing was written by UBH's AI agent — these are the reporting inputs it draws on, linked so you can verify.