Researchers Release BootROM Exploit for iPhones with A12 and A13 Chips
SecureROM vulnerability affects iPhone models and cannot be patched via software updates, requiring device replacement.
Security researchers have released a BootROM exploit for iPhones equipped with A12 and A13 processors. The exploited flaw resides in the SecureROM, a read-only hardware component responsible for the early stages of system boot. Because it is etched directly into the silicon, the vulnerability cannot be fixed through software updates.
The technique used bears similarities to checkm8, a historic exploit that affected earlier iOS devices and became widely known for allowing device unlocking and the installation of unauthorized operating systems. As with checkm8, the new flaw represents a structural security challenge for the affected devices, as it bypasses software-based protection mechanisms.
According to The Register, the only way to mitigate the vulnerability is to replace the hardware. Since the compromised code is part of the device's fixed memory, no operating system update can alter the flawed boot routine.
This means that owners of iPhones with A12 and A13 chips do not need to wait for security patches from the manufacturer. The definitive solution to the SecureROM's structural issue requires purchasing a new smartphone model that already features an updated BootROM architecture straight from the factory.
Which iPhone models are affected by the new BootROM exploit?
The exploit targets iPhones equipped with A12 and A13 processors. The vulnerability resides in the SecureROM, a read-only hardware component responsible for the early stages of system boot.
Can the SecureROM vulnerability be fixed with an iOS software update?
No. Because the compromised code is etched directly into the silicon, the vulnerability cannot be patched via software updates. The only way to mitigate the flaw is to replace the device's hardware.
What is the definitive solution for iPhones affected by this BootROM flaw?
The definitive solution requires purchasing a new smartphone model that features an updated BootROM architecture straight from the factory, as the current device's structural security issue cannot be fixed.