Vulnerabilities allow remote access in Safari for iPhone X

A combination of two exploits allows attackers to install malicious code on iPhone X devices

A network security researcher from China has recently revealed technical
details about critical vulnerabilities in iOS and Safari, the Apple browser,
which, if exploited, could allow an attacker to remotely compromise an iPhone X
running iOS 12.1.2 or earlier, as reported by ethical hacking specialists from
the International Institute of Cyber Security.

All the attacker needs to do to exploit these vulnerabilities is trick an
iPhone X user into opening a specially crafted web page in the Safari browser
on their device. Still, not every iOS hacker has the knowledge and skills
needed to find and exploit these vulnerabilities.

Discovered by network security researcher Qixun Zhao of the Chinese firm
Qihoo 360, this exploit takes advantage of two security vulnerabilities
revealed last year at an ethical hacking event. Subsequently, the
vulnerabilities were reported to the Apple security teams.

Zhao revealed some details of the jailbreak, along with a proof of concept
that he has dubbed “Chaos”, after Apple released the iOS 12.1.3 update, in
which the reported vulnerabilities were supposed to be corrected.

According to the network security specialist,
the remote exploitation of the jailbreak consists of a combination of two
vulnerabilities:

  • Memory Corruption Vulnerability in Safari WebKit (CVE-2019-6227)
  • Memory Corruption Vulnerability in iOS Kernel (CVE-2019-6225)

The researcher demonstrated that the
vulnerability in Safari allows maliciously created web content to execute
arbitrary code on the victim’s device; along with the second flaw, this allows
attackers to elevate their privileges and install a malicious application in
the background.

Qixun Zhao decided not to publish the jailbreak
code so as not to provoke a surge of cyber attacks against Apple users; he also
mentioned that he expects the cybersecurity community to use this research in a
way that does not harm users in the future.

“I will not release the operating code, if you
want to perform a jailbreak, you must complete the code on your own or expect
more details from the jailbreak community. I have also decided to omit post
exploit details”, the researcher mentioned.

Because of the broad attack range available to malicious users, and the remote
nature of this exploit, cybersecurity experts recommend that Apple users
install the latest iOS operating system update as soon as possible.
