"Unpatchable" Checkm8 iOS flaw could result in permanent jailbreak for almost all iPhones

News by Rene Millman

A security researcher has discovered what they claim is a "permanent unpatchable bootrom exploit" that affects Apple devices from the iPhone 4s to iPhone X.

According to axi0mX, the security researcher who found the flaw, the exploit is called "checkm8." Apple fixed the underlying bug in last year's A12 processors, which means that iPhone XS / XR and 11 / 11 Pro devices are not affected.
In a tweet, the researcher said that what they released today "is not a full jailbreak with Cydia, just an exploit."
"Researchers and developers can use it to dump SecureROM, decrypt keybags with AES engine, and demote the device to enable JTAG. You still need additional hardware and software to use JTAG," they added.
According to a GitHub posting by the researcher, the accompanying tool also offers a "jailbreak and downgrade iPhone 3GS (new bootrom) with alloc8 untethered bootrom exploit", as well as a "Pwned DFU Mode" for a number of Apple devices.
"Exploit released today supports s5l8947x, s5l8950x, s5l8955x, s5l8960x, t8002, t8004, t8010, t8011, t8015. Others will be added soon. It is not perfectly reliable yet; it uses a race condition and I only tested it on my MacBook Pro," said the researcher.
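The list above is given as SoC codenames, whereas a device sitting in DFU mode identifies itself only through its USB serial-number string. The following is an added example, not code from the article or from the researcher's tool, that parses such a string and checks whether the reported chip is on the release-day support list. It assumes (a) that the DFU serial number carries space-separated `KEY:VALUE` fields including `CPID:<hex>`, (b) that the four hex digits of `CPID` match the digits of the codename (`s5l8960x` -> `8960`, `t8010` -> `8010`), and (c) that an already-exploited device appends a `PWND:[checkm8]` field; the sample serial strings are constructed for the example.

```python
import re

# SoC identifiers listed as supported in the release announcement quoted above.
SUPPORTED_SOCS = {
    "s5l8947x", "s5l8950x", "s5l8955x", "s5l8960x",
    "t8002", "t8004", "t8010", "t8011", "t8015",
}

# Assumption: codename digits equal the CPID hex value reported over USB.
_SOC_RE = re.compile(r"(?:s5l|t)([0-9a-f]{4})x?$")

# Assumption: fields are KEY:VALUE, where VALUE is either a bracketed token
# such as SRTG:[iBoot-2696.0.0.1.33] or a run of non-space characters.
_FIELD_RE = re.compile(r"([A-Z]+):(\[[^\]]*\]|\S+)")


def soc_to_cpid(soc: str) -> str:
    """Map a codename like 't8010' or 's5l8960x' to its 4-digit hex CPID."""
    m = _SOC_RE.match(soc.lower())
    if not m:
        raise ValueError(f"unrecognised SoC codename: {soc!r}")
    return m.group(1)


SUPPORTED_CPIDS = {soc_to_cpid(s) for s in SUPPORTED_SOCS}


def parse_dfu_serial(serial: str) -> dict:
    """Split a DFU-mode USB serial string into its KEY:VALUE fields."""
    fields = dict(_FIELD_RE.findall(serial))
    if "CPID" not in fields:
        raise ValueError("no CPID field in serial string")
    return fields


def is_checkm8_target(serial: str) -> bool:
    """True when the reported CPID is on the release-day support list."""
    return parse_dfu_serial(serial)["CPID"].lower() in SUPPORTED_CPIDS


def already_pwned(serial: str) -> bool:
    """True when the device advertises that checkm8 has already been run."""
    return parse_dfu_serial(serial).get("PWND") == "[checkm8]"


# Constructed sample strings (ECIDs zeroed); not captured from real hardware.
SAMPLE_T8010 = (
    "CPID:8010 CPRV:11 CPFM:03 SCEP:01 BDID:08 "
    "ECID:0000000000000000 IBFL:3C SRTG:[iBoot-2696.0.0.1.33]"
)
SAMPLE_T8020 = (
    "CPID:8020 CPRV:11 CPFM:03 SCEP:01 BDID:0E "
    "ECID:0000000000000000 IBFL:3C SRTG:[iBoot-3865.0.0.4.7]"
)
SAMPLE_PWNED = SAMPLE_T8010 + " PWND:[checkm8]"

if __name__ == "__main__":
    for name, s in (("t8010", SAMPLE_T8010), ("t8020", SAMPLE_T8020), ("pwned", SAMPLE_PWNED)):
        print(name, "target" if is_checkm8_target(s) else "not listed",
              "(already pwned)" if already_pwned(s) else "")
```

Only the `CPID` field decides exposure here; the other fields are kept because a practitioner will usually want `SRTG` (the SecureROM tag) and `BDID` alongside it when matching a device against a specific build.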
They added that this exploit cannot be performed remotely but has to be done over USB.
"During iOS 12 betas in summer 2018, Apple patched a critical use-after-free vulnerability in iBoot USB code. This vulnerability can only be triggered over USB and requires physical access. It cannot be exploited remotely. I am sure many researchers have seen that patch," the researcher said.
They added that they found the bug by spotting that patch, and that "the vulnerability is not trivial to exploit on most devices."
"That’s how I discovered it. It is likely at least a couple other researchers were able to exploit this vulnerability after discovering the patch. The patch is easy to find, but the vulnerability is not trivial to exploit on most devices," they added.
The researcher explained on GitHub that the exploit could brick devices.
"It will attempt to save a copy of data in NOR to nor-backups folder before flashing new data to NOR, and it will attempt to not overwrite critical data in NOR which your device requires to function. If something goes wrong, hopefully you will be able to restore to latest IPSW in iTunes and bring your device back to life, or use nor-backups to restore NOR to the original state, but I cannot provide any guarantees," they said.
Sam Curry, chief security officer at Cybereason, told SC Media UK that Checkm8 is not a cause for panic, but it is a wake-up call, much like a near-Earth asteroid miss that is not an extinction event but tells us to take the threat seriously and to improve capability. 
"Checkm8 isn't a direct hit because it requires specific and rare ways for exploit, but there's no guarantee that there isn't a checkm8 2.0 lurking out there with a more virulent distribution mechanism. No platform is immune. No architecture is immune. If the world becomes harder to hack, the attackers will flow to the path of least resistance and will invest until they succeed," he said.
