A fully functional jailbreak has been released for the latest iOS 12.4 on the Internet, making it the first public jailbreak in a long time—thanks to Apple.
Dubbed “unc0ver 3.5.0,” the jailbreak works with the updated iPhones, iPads and iPod Touches by leveraging a vulnerability that Apple previously patched in iOS 12.3 but accidentally reintroduced in the latest iOS version 12.4.
Jailbreaking an iPhone allows you to install apps and other functions that are usually not approved by Apple, but it also disables some system protections that Apple put in place to protect its users, opening you up to potential attacks.
Usually, iPhone Jailbreaks are sold for millions of dollars by exploit brokers, but if you want to jailbreak your Apple device, you can do it for free.
An anonymous researcher who goes by the online alias “Pwn20wnd” has released a free jailbreak for iOS 12.4 on GitHub that exploits a use-after-free vulnerability in iOS kernel responsibly reported to Apple earlier this year by Ned Williamson, a researcher working with Google Project Zero.
The vulnerability, tracked as CVE-2019-8605, allows an application to execute arbitrary code with system privileges on a target Apple device, which can not only be used to jailbreak them but also leaves users vulnerable to hackers.
According to researchers, besides embedding the exploit into an innocent-looking app, the vulnerability can also be exploited remotely by combining it with sandbox bypass flaws in Apple Safari web browser or other Internet exposed services.
Though Apple patched this vulnerability in iOS 12.3, it accidentally reintroduced the same bug in iOS 12.4, making it easier for hackers to compromise Apple devices.
As Pwn20wnd told Motherboard, “somebody could make perfect spyware by exploiting this vulnerability.”
“For example, he said, a malicious app could include an exploit for this bug that allows it to escape the usual iOS sandbox—a mechanism that prevents apps from reaching data of other apps or the system—and steal user data.”
The new jailbreak works on updated iOS devices, including the iPhone XS, XS Max, and XR or the 2019 iPad Mini and iPad Air, running iOS 12.4 and iOS 12.2 or earlier, but does not work at all on devices running iOS 12.3 that patched the bug.
Several Apple users have taken to Twitter, claiming they used the Pwn20wnd jailbreak tool to successfully jailbreak [1, 2, 3, 4] their Apple devices, including the recent iPhone X and iPhone XR, and posting screenshots of their iPhone screens with unapproved app installations.
Since Apple doesn’t allow users to downgrade their operating system, users who have already upgraded their Apple devices to the latest version of iOS released late last month are left with no option other than waiting for an update from Apple.
Likely, Apple is already working on a patch to re-implement its earlier patch that will be released with iOS 12.4.1. Meanwhile, you should also beware of apps you download from the App Store until a patch releases.
- Apple Releases iOS 12.4.1 Emergency Update to Patch ‘Jailbreak’ Flaw
- Pangu Hackers have Jailbroken iOS 12 on Apple’s New iPhone XS
- Latest iOS 12.2 Update Patches Some Serious Security Vulnerabilities
- Chinese Hacker Publishes PoC for Remote iOS 12 Jailbreak On iPhone X
- Google Researchers Disclose PoCs for 4 Remotely Exploitable iOS Flaws