A team of Chinese researchers has described how iPhones and iPads can be jailbroken after discovering a vulnerability related to the SEP security chip.
The problem was reported by Xu Hao, an information security researcher with the Pangu team, at the MOSEC 2020 conference held in Shanghai. According to the Digitpol publication, this is the first vulnerability ever discovered in the chip. At the same time, the problem cannot be eliminated, since it lies in the chip's embedded software (firmware).
To keep its devices secure, Apple has moved many of the key encryption, decryption and secure storage functions into the SEP (Secure Enclave Processor) chip. It is used to store personal information, passwords, Apple Pay data, and biometrics. A vulnerability in it is a serious problem for users, as it allows attackers to reach sensitive data and expose personal information.
The attack is carried out using the Checkm8 exploit. It exploits a vulnerability in Apple's Bootrom (SecureROM), the first code that runs when the iPhone boots up, and can provide system-level access. With Checkm8, an attacker is able to bypass the limit on the number of passcode attempts and can try candidate passcodes endlessly.
Earlier, hackers showed how to bypass device protection by jailbreaking iOS 14. They published screenshots of smartphones with the Cydia store installed on them, which is used to install software on jailbroken devices.
To gain access to a device, a person must have it in hand; a smartphone or tablet cannot be attacked remotely. In addition, the vulnerability affects only those devices that support Checkm8 or Checkra1N. All iPhones and iPads running on A7-A11 chipsets, that is, devices released between 2013 and 2017 (from the iPhone 5S to the iPhone X), are at risk.
Security experts advise either getting rid of the models running on these processors or setting a complex passcode. They also note that Apple is using several hardware and software strategies to mitigate the impact of the vulnerability.
Devices on newer chipsets do not support Checkm8 or Checkra1N, but their SEP mechanism is not very different. It is not yet possible to know for sure whether the new iPhone and iPad models have this flaw, but experts fear that the protection of these devices will also be broken as soon as hackers gain direct access to their memory.