Researchers find a new vulnerability in iOS 12.1.2

The two researchers discovered a new security vulnerability in iOS 12.1.2 that affects a new generation of iPhone models, including the iPhone XS/XS Max and iPhone XR. Min Zheng and Xialong Bai disclosed their work details on Twitter, demonstrating root access to the iPhone XS Max released in 2018 through a Port-Oriented Programming (POP) attack.

Finally! (Mach) Port-oriented Programming (a.k.a POP) Attack Proof 3: Get task_for_pid_0 & root on iOS 12.1.2 (iPhone XS Max with A12 core), by @bxl1989 and @SparkZheng . PAC bypassed now! pic.twitter.com/gL3LZMnqUj

— Xiaolong Bai (@bxl1989) January 15, 2019

This attack bypasses the PAC system on the iPhone XS Max, and the same thing can be done on XS and XR.  After breaking the PAC system, security researchers can more easily develop jailbreak tools for iOS 12.1.2, but this will not happen very quickly.