Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

Researchers released a public exploit called usbliter8 that leverages a hardware flaw in the Synopsys DWC2 USB controller and a SecureROM DART configuration to achieve arbitrary code execution on Apple A12/A13 (and some S4/S5) devices via DFU mode and a dedicated microcontroller; the PoC is public, the flaw is unpatchable by software, and affected devices retain the vulnerability for their lifetime, posing a significant risk for high-security environments.