The upcoming iOS 14.5, which will be released in the coming months, will have the…
Then the authors of Unc0ver explained that they were using a zero vulnerability in the iOS kernel, which Apple experts did not yet know about.
“The vulnerability was discovered by one of the team members known as Pwn20wnd”, – then the developers of Unc0ver reported.
In the summer of 2020, Apple introduced iOS 13.5.1 for iPhone, iPad, and iPod touch, and Unc0ver stopped working. The fact is that this release fixed the CVE-2020-9859 vulnerability, which was exploited by the jailbreak (the application could gain kernel privileges and execute arbitrary code).
Now, a year after these events, the developers of Unc0ver are back with version 6.0.0, which works for devices running iOS versions 11.0 to 14.3 (that is, for almost all iPhone and iPad models).
Unc0ver doesn’t work on devices running iOS 14.4 for a reason. This version of the OS, released at the end of January, contains a patch for the CVE-2021-1782 bug. As you might guess, this is another kernel vulnerability that can be used for privilege escalation, which is what the authors of the jailbreak are using.
In January, Apple engineers reported that CVE-2021-1782 is one of three vulnerabilities already exploited by cybercriminals at the time the patches were released. All three flaws were reported to Apple by an anonymous researcher, and the company has not released any information about attacks that exploited these bugs.
The developers of the Unc0ver jailbreak tweet that they have created “their own exploit based on CVE-2021-1782 for unc0ver.”
“We wrote our own exploit based on CVE-2021-1782 for # unc0ver to achieve optimal exploit speed and stability”, – reported the authors of the Unc0ver jailbreak.
Recall that we talked about the fact that the IS-researcher published a jailbreak for all iOS devices with chips from A5 to A11, and also that Jailbreakers claim they have learned how to hack Apple T2 chips.
Kabatibly.co.in is a domain that tries to force you into clik to its browser notifications…
Reditarcet.co.in is a site that tries to force you into subscribing to its browser notifications…
Everestpeak.top is a domain that tries to trick you into subscribing to its browser notifications…
Firm-jawed.yachts is a domain that tries to trick you into subscribing to its browser notifications…
Anapurnatop.top is a domain that tries to trick you into subscribing to its browser notifications…
Boomira.com is a domain that tries to force you into clik to its browser notifications…