Hacker ModernPwner has publicly released a new kernel exploit called “cicuta_virosa” for iOS 14.3 and earlier. Here’s all you need to know about it.
Kernel LPE released for iOS 14.3
Security researcher ModernPwner recently made public cicuta_virosa – a new kernel-level local privilege escalation (LPE) exploit for iOS 14.3 and earlier.
This exploit utilizes the CVE-2021-1782 vulnerability, which is based on a race condition in user_data_get_value().
According to iOS 14.4’s security content, this bug could potentially allow a malicious application to gain escalated privileges. Apple addressed this vulnerability in the iOS 14.4 update.
We are Anonymous. We are Legion.
— ModernPwner (@ModernPwner) February 10, 2021
As far as reliability goes, cicuta_virosa performed phenomenally well on A13 and A10 devices during testing.
However, there are still a few hitches and glitches here and there, but that’s only to be expected.
The exploit still requires plenty of cleanup and stable primitives that do not rely on memory reallocation.
Also, the exploit takes more than two minutes to run due to a low-level sanity check in the kernel.
According to ModernPwner, cicuta_virosa uses best exploitation practices and should work without issues on all devices up to iOS 14.3. This kernel-level exploit supports all devices running a compatible operating system – even A14 devices.
Here’s the complete list of vulnerable devices:
- iPhone 6s and later
- iPad Air 2 and later
- iPad mini 4 and later
- iPod touch (7th generation)
Odyssey to be updated soon for iOS 14
By the look of things, ModernPwner is a new entrant to the community, but the hacker is no stranger to iOS exploitation, that’s for sure.
From what we can gather, ModernPwner is either a Good Samaritan masquerading as “Anonymous” on Twitter, or the handle is a shadow account of a legitimate security researcher.
Thankfully enough, the anonymous researcher has already given permission to Coolstar to modify and use the cicuta_virosa exploit for jailbreak development.
So, you can expect Odyssey jailbreak, which currently only supports iOS 13.0-13.7, to receive an update for iOS 14.3 and earlier firmware in the near future.
Pwn20wnd, Coolstar’s archrival, could also use this exploit to update unc0ver. But, that would require his project to be licensed under GPL.
If you want to use this exploit for your own non-GPL projects, you can contact ModernPwner on Twitter.
ModernPwner and his team have also developed a new method to bypass PAC but have decided to not make it public. The team also plans to release the PAC bypass along with an iOS 14.5 exploit after Apple patches it.
The release of the cicuta_virosa exploit is a watershed moment for the jailbreak community.
This exploit will allow a lot of iPhone enthusiasts to break out from Apple’s walled garden and experience freedom!