Wed. Jul 15th, 2020

Unpatched iOS vulnerabilities let users jailbreak iPhone 4s to iPhone X


Today, a security researcher revealed a vulnerability that could lead to a permanent jailbreak of devices from the iPhone 4s up to the iPhone X. Twitter user axi0mX shared the vulnerability today and named it “checkm8”.

The checkm8 exploit has the following features:

  • permanent unpatchable bootrom exploit for hundreds of millions of iOS devices
  • meant for researchers, this is not a jailbreak with Cydia yet
  • allows dumping SecureROM, decrypting keybags for iOS firmware, and demoting device for JTAG
  • current SoC support: s5l8947x, s5l8950x, s5l8955x, s5l8960x, t8002, t8004, t8010, t8011, t8015
  • future SoC support: s5l8940x, s5l8942x, s5l8945x, s5l8747x, t7000, t7001, s7002, s8000, s8001, s8003, t8012
  • full jailbreak with Cydia on latest iOS version is possible, but requires additional work

In the iOS 12 Beta released in the summer of 2018, Apple patched a serious vulnerability in the iBoot USB code. This vulnerability can only be triggered via USB and requires physical access; it cannot be used remotely. Although Apple has issued a patch, hackers have found that this vulnerability can still be exploited. The hacker has released this latest vulnerability and related tools on GitHub and warned that exploiting it could brick the device.