What's Happening?
Security researchers at Paradigm Shift have disclosed a new BootROM exploit, named 'usbliter8', that affects Apple's A12 and A13 chips. This vulnerability impacts millions of iPhones, including models such as the iPhone XS, XR, 11, and 11 Pro. The flaw
is located in the SecureROM code, which is integral to the device's secure boot chain. The issue arises from a flaw in the Synopsys DesignWare USB controller used by Apple, allowing attackers to corrupt memory during Device Firmware Update (DFU) mode and gain control of SecureROM. This exploit cannot be patched as it is embedded in the silicon during manufacturing. While the exploit requires physical access to the device and is unlikely to be used in phishing or drive-by attacks, it allows researchers to run unsigned code and modify DFU behavior. The vulnerability does not affect Apple's Secure Enclave Processor, which secures sensitive data. Apple has been informed of the findings, but there is no official comment from the company.
Why It's Important?
The discovery of the 'usbliter8' exploit is significant as it highlights a critical vulnerability in Apple's hardware that cannot be patched through software updates. This poses a long-term security risk for users of affected devices, as the exploit remains viable for the device's lifetime. For security researchers, such vulnerabilities offer insights into potential weaknesses in device security architecture. The exploit's ability to bypass the secure boot chain could lead to unauthorized access and control over affected devices, although the requirement for physical access limits its immediate threat to consumers. However, it underscores the importance of hardware security and the challenges in addressing vulnerabilities embedded at the silicon level. The exploit also serves as a reminder of the ongoing cat-and-mouse game between tech companies and security researchers in safeguarding consumer devices.
What's Next?
For users of affected iPhones, the only remedy is to upgrade to newer models that do not have this vulnerability. Apple has reportedly addressed the issue in its A14 and later chips, suggesting that future devices will not be susceptible to this exploit. The disclosure of this vulnerability may prompt Apple to enhance its hardware security measures in upcoming models. Additionally, the tech community may see increased efforts to identify and mitigate similar vulnerabilities in other devices. Security researchers will likely continue to explore the implications of this exploit, potentially leading to further discoveries in device security. Consumers are advised to remain vigilant about physical access to their devices and consider upgrading to newer models if security is a concern.
