The hacker team behind the unc0ver iOS jailbreak tool has released a new version of the software that can unlock all iPhones, including those running the latest version, iOS 13.5.
Calling it the first zero-day jailbreak released after iOS 8, unc0ver’s chief developer, Pwn20wnd, said: “All of the other jailbreaks released after iOS 9 used 1-day exploits that were fixed in the next beta or hardware.”
The group did not indicate which vulnerability in iOS was used to develop the latest version.
The unc0ver team also carried out extensive behind-the-scenes testing to ensure compatibility across a wide range of devices, from the iPhone 6S to the new iPhone 11 Pro Max models, running iOS 11.0 through iOS 13.5, but excluding versions 12.3 through 12.3.2 and 12.4.2–12.4.5.
“When using exceptions from the sandbox of our system, security remains unchanged, while at the same time providing access to jail files,” unc0ver said, which means that installing the new jailbreak is unlikely to compromise the sandbox’s protections.
Jailbreaking, analogous to rooting on Google’s Android, is a privilege escalation that works by exploiting flaws in iOS to give users root access and full control over their devices. This allows iOS users to remove software restrictions imposed by Apple, giving them access to advanced settings and otherwise prohibited applications.
But it also weakens the security of the device, opening the door to all kinds of malware attacks. These added security risks, combined with Apple’s constant hardware and software lockdown, make it difficult to jailbreak a device deliberately.
Jailbreaks also tend to be very specific: they are based on previously identified vulnerabilities and depend heavily on the iPhone model and iOS version to be replicated successfully.
Exploit broker Zerodium said it would no longer buy iOS RCE vulnerabilities for the next few months, citing “a large number of views related to these vectors.”
Last August, Pwn20wnd used the SockPuppet vulnerability (CVE-2019-8605), discovered by Googler Ned Williamson, to release a public version of the jailbreak, the first time in years that up-to-date firmware had been unlocked, after Apple accidentally reintroduced the previously fixed bug in iOS 12.4. The company then shipped a patch in iOS 12.4.1 to fix the privilege escalation vulnerability.
Then, in September, a security researcher released details of an unpatchable bootrom exploit dubbed checkm8, which can be used to jailbreak almost all types of Apple mobile devices released between 2011 and 2017, including the iPhone, iPad, Apple Watch, and Apple TV.
While the new jailbreak exploits an unknown zero-day vulnerability, the iPhone maker is likely to release a security update in the coming weeks to fix the vulnerability exploited by unc0ver.
The new unc0ver 5.0.0 jailbreak can be installed from iOS, macOS, Linux, and Windows devices. Instructions for use are available on the unc0ver website.