New Unpatchable iPhone Exploit “usbliter8” Found — iPhone 11 and Older Devices Affected

A new hardware-level security flaw has been discovered in some older Apple devices, including the iPhone 11 series. The exploit, named usbliter8, targets Apple’s A12 and A13 chips and is considered unpatchable because the issue exists inside the hardware itself.

Unlike normal iOS bugs that Apple can fix with a software update, this vulnerability lives deep inside the chip’s boot process. The affected devices include models such as the iPhone XS, iPhone XR, and iPhone 11 lineup.

What is usbliter8?

The usbliter8 exploit takes advantage of a flaw in the USB controller used during the early boot process. With physical access to the device, an attacker may be able to execute unauthorized code before iOS fully starts.

This could allow researchers or attackers to jailbreak the device, bypass some security protections, or access parts of the system normally locked by Apple. However, it is not a remote attack — the attacker needs the actual device in their hands.

Why is it called “unpatchable”?

The reason is simple: the vulnerable code is part of the chip design. Apple’s SecureROM/BootROM is permanently written into silicon during manufacturing, meaning Apple cannot repair it with a normal iOS update.

The only real fix is newer hardware with a redesigned chip.

The history: Following the footsteps of checkm8

The last major public “unpatchable” iPhone exploit was checkm8, discovered in 2019.

Created by security researcher axi0mX, checkm8 affected Apple’s older chips from A5 through A11, including devices like the iPhone 4S up to the iPhone X. It exploited a BootROM vulnerability and permanently enabled jailbreak possibilities on affected devices.

Like checkm8, usbliter8 is not just a software bug — it attacks the foundation of the device’s security chain. But the two exploits are different:

• checkm8 → A5–A11 chips (iPhone 4S to iPhone X)
• usbliter8 → A12–A13 chips (including iPhone XS, XR, iPhone 11)

Together, these discoveries show that even Apple’s highly secured chip architecture can contain flaws that survive for the lifetime of a device.

Who discovered usbliter8?

The exploit was disclosed by the security research team Paradigm Shift, who reported the issue to Apple before publication.

The earlier checkm8 discovery is credited to security researcher axi0mX, whose research became one of the biggest moments in the iOS jailbreak community.

Should iPhone 11 users worry?

For normal users, the risk is limited because exploitation requires physical access. A stolen or seized device would be a bigger concern than a phone being attacked remotely.

Still, usbliter8 is another reminder that hardware security flaws can remain forever — even on devices that still receive software updates.