Zimperium zLabs gets close to an iOS 11.2 jailbreak

While tweak developers are still working on iOS 11.1.2, security researchers have moved on to iOS 11.2 and later. Here is another well-known research team that has found serious vulnerabilities in iOS 11.2.

zLabs finds powerful vulnerabilities in iOS 11.2

Rani Idan of Zimperium zLabs has published details of two iOS vulnerabilities.

Former evad3rs member Nikias Bassen was also involved in the project. Somewhat surprisingly, Adam Donenfeld, the well-known iOS security researcher who also works at Zimperium, was not part of it.

The project focused on finding and exploiting system services (daemons) that iOS lets sandboxed apps talk to. Exploiting those services gave the researchers a sandbox escape and privilege escalation into the context of the targeted daemons.

For the uninitiated, a sandbox escape (getting out of the restricted environment an app runs in) and privilege escalation (running code with more rights than a sandboxed app has) are two of the building blocks of a jailbreak, alongside a kernel exploit that grants full control of the device.


The Zimperium researchers found two vulnerabilities in the bluetoothd daemon on iOS. Briefly, here is what each of them allows:

  • CVE-2018-4095 – a memory corruption bug inside the bluetoothd daemon itself.
  • CVE-2018-4087 – a bug that lets an attacker who can talk to bluetoothd gain arbitrary code execution in several other daemons that use the same interface.

Between them, these vulnerabilities can be used to run code in SpringBoard, mDNSResponder, wifid, Preferences, CommCenter, bluetoothd, and other daemons.

Unsurprisingly, the same vulnerabilities also affect watchOS and tvOS, which share iOS's code base.

Which versions are affected?

According to Zimperium zLabs, the vulnerabilities are exploitable on the following iOS versions:

  • 11.2
  • 11.2.1
  • 11.2.2

iOS 11.2.5 is not affected: Apple patched both bugs in that release.

Both CVEs are credited to Idan in Apple's security notes for iOS 11.2.5, which means the bugs were reported to Apple before publication. That is why 11.2.5 and later are out of reach for anyone hoping to use them.
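Working out whether a device falls inside the affected range is a common source of mistakes, because iOS version strings must be compared numerically, not as text ("11.2.10" sorts before "11.2.5" as a string). The following is an added example, not code from Zimperium or from this article; it takes the affected list (11.2, 11.2.1, 11.2.2) and the patched release (11.2.5) from the text above, and the classification of anything outside those builds as "unknown" is an assumption made here, since the article makes no claim about other versions.

```python
"""Classify an iOS version against the affected range reported in the article.

Added example, not Zimperium's or the article author's code. The affected
builds and the patched build come from the article; everything else is an
illustrative assumption.
"""
from typing import Tuple

# Constructed from the article: exploitable builds and the first fixed build.
AFFECTED = {"11.2", "11.2.1", "11.2.2"}
PATCHED_IN = "11.2.5"


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '11.2.1' into (11, 2, 1).

    Trailing zero components are dropped so that '11.2' and '11.2.0'
    compare equal, which is how Apple's version strings behave.
    """
    parts = tuple(int(p) for p in version.strip().split("."))
    while len(parts) > 1 and parts[-1] == 0:
        parts = parts[:-1]
    return parts


def classify(version: str) -> str:
    """Return 'affected', 'patched' or 'unknown' for an iOS version string.

    Comparison is done on integer tuples; a plain string comparison would
    put '11.2.10' before '11.2.5' and misclassify it.
    """
    v = parse_version(version)
    if v in {parse_version(a) for a in AFFECTED}:
        return "affected"
    if v >= parse_version(PATCHED_IN):
        return "patched"
    # Older than 11.2, or an 11.2.x build the article does not list:
    # assumption made here is to report it as unknown rather than guess.
    return "unknown"


if __name__ == "__main__":
    # Constructed sample inputs covering each branch.
    for sample in ["11.2", "11.2.0", "11.2.2", "11.2.5", "11.2.10", "11.1.2"]:
        print(f"{sample:>8}: {classify(sample)}")
```

On a connected device the version string can be read with `ideviceinfo -k ProductVersion` from libimobiledevice and passed to `classify`.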

Is an iOS 11.2 jailbreak inbound?

Zimperium is a private mobile-security firm with a research team, zLabs, in Israel. The company does not release jailbreak or rooting tools for any firmware; instead, it publishes its research and exploit code and presents the work at security conferences.

Zimperium says it will also release the exploit code for these vulnerabilities, with proper documentation, in due course.

That would allow community developers and hackers such as Coolstar and Sticktron to build on the work and develop jailbreak tools around it.

Therefore, if you want to keep the option open, downgrade to iOS 11.2, 11.2.1 or 11.2.2 while Apple is still signing those versions. Bear in mind that a sandbox escape on its own is not a jailbreak: a kernel exploit covering the same versions is still needed before any tool can be built.


3 Comments

  1. American Psycho January 30, 2018
    • iOS Expert January 31, 2018
  2. async_wake January 30, 2018
