usbliter8 bootrom exploit affects older iPhones, iPads and Apple Watches

Technology Jun 19, 2026

A proof-of-concept exploit dubbed "usbliter8" that targets a BootROM vulnerability has been discovered in some older iPhones (XS, XR, 11 series), iPads, and older Apple Watch models with S4 and S5 chips.
The issue is baked into the device's boot ROM, Apple's startup code, which means it can't be fixed with a software update.

Requires physical access, boots via USB

This exploit lets someone boot up unauthorized software by messing with the device's USB memory during startup.
It's easier to pull off on A12 devices, but trickier on A13 models thanks to extra security checks.
Devices with A14 chips or newer are safe, as is the iPhone X.
The good news: researchers told Apple about it before going public, and you'd need physical access to a device for this hack to work.