Unpatchable Bootrom Exploit Could Lead to Permanent iPhone Jailbreak

BY Rajesh Pandey

Published 27 Sep 2019


An unpatchable bootrom exploit has been discovered that affects millions of iOS devices out there starting from the iPhone 4s to the iPhone X. Dubbed ‘checkm8,’ this public bootrom exploit works on all devices up until the iPhone X irrespective of whether they run iOS 12 or iOS 13 and makes them jailbreakable for life.

A public bootrom exploit is very rare to come by, and the last such exploit was released for the iPhone 4 in 2010. Since it's a bootrom exploit, Apple cannot fix it by rolling out a software update. It also makes it possible to downgrade the firmware of an iPhone or iPad even after Apple stops signing it.

While @axi0mX has not released a public jailbreak today, he has released the exploit for free, thereby paving the way for talented developers to use it and create a tethered jailbreak tool for the iPhone 4S to iPhone X. Like Unc0ver, this exploit will still only allow for a tethered jailbreak. This means one has to jailbreak their device every time after they reboot it.

The exploit does require that your iPhone or iPad is connected to a PC over USB and it cannot be executed remotely.

It should now only be a matter of time before we see the jailbreak community use this exploit to come up with a possibly permanent jailbreak solution for iPhone 4s to iPhone X devices. The good news is that this exploit has already piqued the interest of Unc0ver developer @Pwn20wnd who could start working on a tool to generate custom IPSWs with Cydia and kernel patches. He even calls it the most “powerful exploit for modern iPhones ever.”

It looks like things are going to once again get exciting in the jailbreak world!