Apple A12/A13 SecureROM USB DMA underflow with public usbliter8 exploit security flaw
Vulnerability
Summary
Hide ▲
Show ▼
A public usbliter8 exploit now reaches arbitrary code execution in Apple's SecureROM, exposing an unpatchable USB DMA underflow flaw across A12, A13, S4, and S5 hardware. The attack needs physical possession, DFU mode, and a RP2350-based microcontroller board, but it completes in under two seconds before the signed boot chain loads. Because the vulnerable code is burned into silicon, no software update can remove the flaw. The result is a durable device-custody risk for environments that must protect high-value Apple hardware from direct access.
Related Happenings
Beats Studio Buds Bluetooth BR/EDR missing-authentication security flaw (multiple vulnerabilities)
Vulnerability
H score24
First: 18.06.2026 15:23
Last: 18.06.2026 15:23
Sources 1
About this happening:
**Beats Studio Buds** are affected by **CVE-2025-20701**, a **missing-authentication** flaw in **Airoha system-on-a-chip (SoCs)** and the **Bluetooth BR/EDR radio** that can let a...
Beats Studio Buds Bluetooth BR/EDR missing-authentication security flaw (multiple vulnerabilities)
VulnerabilityAbout this happening: **Beats Studio Buds** are affected by **CVE-2025-20701**, a **missing-authentication** flaw in **Airoha system-on-a-chip (SoCs)** and the **Bluetooth BR/EDR radio** that can let a...
Android Framework code execution and privilege escalation flaw (CVE-2025-48595)
Vulnerability
H score40
First: 02.06.2026 14:10
Last: 02.06.2026 14:10
Sources 1
About this happening:
Google's **June 2026 Android security patches** now cover **CVE-2025-48595**, an **actively exploited Android Framework** flaw that can lead to **code execution** and **privilege...
Android Framework code execution and privilege escalation flaw (CVE-2025-48595)
VulnerabilityAbout this happening: Google's **June 2026 Android security patches** now cover **CVE-2025-48595**, an **actively exploited Android Framework** flaw that can lead to **code execution** and **privilege...
Coruna iOS exploit analysis ties updated Triangulation kernel exploit lineage
Technical Analysis
H score33
First: 26.03.2026 15:10
Last: 26.03.2026 15:10
Sources 1
About this happening:
**Coruna** has been linked to an **updated** exploit lineage from **Operation Triangulation**, showing that a long-running iPhone attack framework continues to evolve and can stil...
Coruna iOS exploit analysis ties updated Triangulation kernel exploit lineage
Technical AnalysisAbout this happening: **Coruna** has been linked to an **updated** exploit lineage from **Operation Triangulation**, showing that a long-running iPhone attack framework continues to evolve and can stil...
Apple iOS outdated-device exploit-kit mitigation advisory
Advisory/Mitigation
H score35
First: 20.03.2026 07:16
Last: 20.03.2026 07:16
Sources 1
About this happening:
**Apple** is sending **Lock Screen notifications** to **outdated iPhones and iPads** after detecting **active web-based attacks**, urging users to install updates. The latest noti...
Apple iOS outdated-device exploit-kit mitigation advisory
Advisory/MitigationAbout this happening: **Apple** is sending **Lock Screen notifications** to **outdated iPhones and iPads** after detecting **active web-based attacks**, urging users to install updates. The latest noti...
WebKit Same Origin Policy bypass (CVE-2026-20643)
Vulnerability
H score18
First: 18.03.2026 03:06
Last: 18.03.2026 03:06
Sources 1
About this happening:
Apple fixed **CVE-2026-20643**, a **WebKit** flaw that let malicious web content bypass **Same Origin Policy** on **iPhones, iPads, and Macs**. The bug created a **cross-origin**...
WebKit Same Origin Policy bypass (CVE-2026-20643)
VulnerabilityAbout this happening: Apple fixed **CVE-2026-20643**, a **WebKit** flaw that let malicious web content bypass **Same Origin Policy** on **iPhones, iPads, and Macs**. The bug created a **cross-origin**...
Latest development: 18.03.2026 08:31
Apple released its first round of Background Security Improvements to address CVE-2026-20643 in WebKit, a cross-origin issue in the Navigation API that could bypass the same-origin policy when processing maliciously crafted web content. The flaw affects iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2, and Apple says it was addressed with improved input validation in iOS 26.3.1 (a), iPadOS 26.3.1 (a), macOS 26.3.1 (a), and macOS 26.3.2 (a). Apple also credits security researcher Thomas Espach with discovering and reporting the shortcoming.
Timeline
-
19.06.2026 21:37 1 articles · 3h ago
Paradigm Shift releases usbliter8 for Apple A12 and A13 SecureROM
Initial DisclosureParadigm Shift publicly released usbliter8, a working exploit that achieves arbitrary code execution inside Apple's SecureROM on A12 and A13 chips after physical possession of the device in DFU mode with a dedicated RP2350-based microcontroller board.
Show sources
- Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain — thehackernews.com — 19.06.2026 21:37
-
19.06.2026 21:37 2 articles · 3h ago
USB DWC2 DMA underflow exposes Apple SecureROM on affected chips
Technical Analysis UpdateSecurity researchers describe a hardware flaw in the Synopsys DWC2 USB controller that, when Apple's SecureROM configures the USB DART in bypass mode, can step the DMA write pointer backward through memory and overwrite arbitrary SRAM on affected A12 and A13 devices; as of June 19, 2026, no CVE, CVSS score, Apple security advisory, or CISA alert had been issued and no in-the-wild exploitation had been publicly reported.
Show sources
- Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain — thehackernews.com — 19.06.2026 21:37
- Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain — thehackernews.com — 19.06.2026 21:37