iOS hacker axi0mX has published a powerful new jailbreak exploit dubbed 'checkm8'. This new exploit is a permanent, unpatchable bootrom exploit for A5 to A11 devices that can be used to create jailbreaks for those devices. What makes this exploit different from other exploits is that it targets the bootrom, so Apple cannot close it via a software update: it relies on a vulnerability in hardware.
As this new bootrom exploit supports all devices with A5-A11 chips, it works with every model of iPhone, iPad and iPod touch that has one of these chips. This includes modern iPhone models such as the iPhone 8, iPhone 8 Plus and iPhone X, as well as earlier models. The iPhone XS and later are not supported, as those use the A12 chip or later.
Highlighting the significance of this release, axi0mX reminds everyone that the last time a public bootrom exploit was released was back in 2010, when the iPhone 4 was the latest iPhone.
However, do note that axi0mX has released an exploit, not a jailbreak. This exploit can be used by developers to create jailbreaks for iOS devices that have this vulnerability.
EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.
Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG
— axi0mX (@axi0mX) September 27, 2019
As noted by unc0ver developer Pwn20wnd, jailbreak developers can use this bootrom exploit to develop jailbreaks for all current and future versions of iOS on supported devices. This means that once a jailbreak is developed using this exploit, it can work with iOS 13 and any future versions of iOS 13. Pwn20wnd has also shown interest in developing a jailbreak using this exploit, while warning users that it could take some time to materialize.
Benefits beyond jailbreaking
Apart from jailbreaking, a bootrom exploit could also make it possible for iPhone and iPad users to downgrade their device to a lower version of iOS, even when Apple has stopped signing that particular version. Theoretically, it would be possible for iOS 13.1 users to downgrade to iOS 12 or even iOS 11 using this vulnerability, which is pretty exciting.
Hacker and iOS security researcher axi0mX has posted the details of the checkm8 bootrom exploit on GitHub, where it is available for anyone to see and use.