
An unpatchable security vulnerability in Apple’s A12 and A13 chips has been disclosed, renewing attention on the possibility of jailbreaking older iPhones and further hacking research.

TechCrunch reported on Sunday that Paradigm Shift, a Barcelona-based offensive cybersecurity firm, disclosed a vulnerability dubbed “usbliter8” and released related proof-of-concept code and technical analysis materials.

The vulnerability is in the BootROM, the first code to run when an iPhone boots. BootROM is the starting point of the device’s security system and runs before the operating system to verify system integrity.

Affected devices are models equipped with Apple’s A12 and A13 chips. They include the iPhone XS, iPhone XS Max, iPhone XR and the iPhone 11 series.

The security industry is paying attention because the vulnerability is effectively impossible to patch. BootROM is code fixed in hardware at the chip manufacturing stage and cannot be corrected through operating system updates or security patches.

Paradigm Shift explained, “Because the vulnerability exists in unchangeable code, the most effective measure affected users can take is to switch to newer hardware.”

The disclosure does not immediately lead to a risk of large-scale hacking. Exploitation requires an attacker to have direct physical access to a device.

It also requires an environment that allows a cable connection, and would need to be combined with additional vulnerabilities to access actual user data.

The industry sees the flaw as a starting point for bypassing initial security barriers rather than a standalone attack method.

Attention is focused in particular on forensic firms, government-contracted security companies and vulnerability researchers. Companies developing iPhone unlocking equipment may already have acquired similar attack techniques, but the public release of the information is seen as meaningful.

The disclosure is also expected to affect jailbreak research. Jailbreaking is the process of removing software restrictions Apple sets in iOS.

It was active in the past but has declined sharply over the past 10 years.

Security researchers see the BootROM vulnerability as something that could be combined with other iOS vulnerabilities to develop new jailbreak techniques or security research tools.

Paradigm Shift explained that “usbliter8” can help bypass the initial security verification stage in situations where physical access is possible. It said this could be used to neutralise additional security checks or lay the groundwork for follow-on attacks.

Experts stress that the case does not mean the entire iPhone security system has collapsed. They note that the impact is limited to certain generations of older devices and that real-world exploitation conditions are quite demanding.

Even so, the discovery is seen as a case showing that exploitable vulnerabilities can remain at the hardware level even as Apple continues to strengthen security. With devices released years ago still widely used, the importance of security management for older iPhone users is again being highlighted.

Copyright © DigitalToday. All rights reserved. Unauthorized reproduction and redistribution are prohibited.