10 matches found
Exploit for CVE-2026-40003
CVE-2026-40003 aka Joselito is an arbitrary memory write vulnerabil...
CVE-2026-40003 USB-based arbitrary memory write vulnerability in ZTE ZX297520V3 SoC BootROM
ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...
PT-2026-38322
ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...
Exploit for Code Injection in Apple Securerom
🔐 iOS Security Research Deep-dive notes on iOS security inter...
EUVD-2019-18908
Malware in sbrugna...
CVE-2019-9536
Apple iPhone 3GS bootrom malloc implementation returns a non-NULL pointer when unable to allocate memory, aka 'alloc8'. An attacker with physical access to the device can install arbitrary firmware...
PT-2024-20727 · Renesas · Renesas Smartbond
Name of the Vulnerable Software and Affected Versions: Renesas SmartBond versions DA14691, DA14695, DA14697, and DA14699. Description: An issue was discovered where the bootrom function responsible for validating the Flash Product Header directly uses a user-controllable size value Length of Flash...
iPhone BootROM vulnerability description and threat assessment-vulnerability warning-the black bar safety net
0x00 Related vocabulary. AP: application processor. SEP: security coprocessor. SecureROM: also known as the BootROM, the code burned into a read-only area of the iPhone; it is the starting point of the boot chain and of the chain of trust, and is mainly responsible for loadin...
New iOS exploit checkm8 allows permanent compromise of iPhones
UPDATE 9/27, 11:00am: Updated for the misconception that the bootrom was actually being modified. Apparently, the "permanent" only refers to the fact that the bug is in the bootrom, where it cannot be patched. UPDATE 9/27, 12:15am: After speaking with @axi0m8, clarified a few other points,...
Google Android NVIDIA BootROM Mobilization Vulnerability
Android is a Linux-based open source operating system from Google and the Open Handset Alliance (OHA) in the U.S. The NVIDIA BootROM is one of the Boot ROM components. An elevation of privilege vulnerability exists in the NVIDIA BootROM component in Android. An attacker can exploit this vulnerabili...