It looks like there’s another potentially huge iOS exploit out there. According to a security researcher who goes by the name “axi0mX” on Twitter, there’s a vulnerability for any iOS device that has an Apple A5 chip through an Apple A11 chip, which includes the likes of the iPhone X, iPhone 8, and iPad models dating back to the iPad 2. The researcher calls the exploit “checkm8” and released it on Twitter.
The exploit itself is a so-called bootrom exploit, which basically means that it’s a vulnerability in the device’s ROM, or read-only-memory, rather than the software. That means that Apple can’t fix the issue with a software update, so devices with the affected chips are basically permanently vulnerable.
It’s a pretty significant find, and could make for the first unpatchable jailbreak for iPhones in a number of years. The last publicly released iPhone bootrom exploit was released for the iPhone 4 in 2010, and it could allow anyone with a device that features an A5 to A11 chip to jailbreak their phones, if they so choose. There are other jailbreaks available to iPhones, but they’re based on software flaws and can be patched.
Of course, you won’t be able to jailbreak your iPhone with this exploit right away — and you still may never be able to. First, someone has to create a jailbreak that exploits the vulnerability, and there’s no guarantee that will ever happen. Still, known jailbreak developer Pwn20wnd seems to be interested in the exploit, and may well create a jailbreak that makes use of it.
Checkm8 could have other implications, too. According to axi0mX, it could ultimately be used to downgrade to older versions of iOS without Apple’s involvement, and it could be used to dual boot iOS. Of course, it could also be used by hackers, however it does need physical access to the device to work, so at least hackers won’t be able to make use of it remotely.
The exploit is currently available on GitHub, but it’s marked as a beta release right now. Jailbreaking exploits often come with easy-to-use tools that enable users to take advantage of them — but for now, checkm8 is still very technical and could brick an iPhone if used without the proper technical knowledge. Of course, we never recommend that you jailbreak an iPhone, as it voids the device’s warranty, makes for a less secure device, and could render your device unusable if something goes wrong.
