An iOS kernel exploit PoC released by Zimperium security researcher Adam Donenfeld can be used to fully control iOS mobile devices.
Donenfeld named the proof-of-concept (PoC) exploit ziVA (Zimperium’s iOS Video Audio) and said that it was created to work on all 64-bit iOS devices running iOS 10.3.1 or earlier.
Earlier this year, some other vulnerabilities were found, which are tracked as CVE-2017-6979, CVE-2017-6989, CVE-2017-6994, CVE-2017-6995, CVE-2017-6996, CVE-2017-6997, CVE-2017-6998 and CVE-2017-6999.
The iOS exploit chains all of the vulnerabilities found to let hackers gain full control of the kernel and jailbreak a device. The exploit chain itself was presented at HITBGSEC, held on August 25 in Singapore.
“Following my previous post, I’m releasing ziVA: a fully chained iOS kernel exploit that (should) work on all the iOS devices running iOS 10.3.1 or earlier. The exploit itself consists of multiple vulnerabilities that were discovered all in the same module: AppleAVEDriver,” wrote Adam Donenfeld in a blog post.
“The issues are severe and could lead to a full device compromise. The vulnerabilities ultimately lead to an attacker with initial code execution to fully control any iOS device on the market prior to version 10.3.2.”
Apple released iOS 10.3.2 in May this year, addressing seven AVEVideoEncoder flaws and one IOSurface vulnerability found by Adam Donenfeld. According to the researcher, the flaws could affect all previous versions of iOS.
While testing the iOS kernel modules, Donenfeld also came across the AppleAVE module. The module was affected by flaws that could be exploited to cause a denial-of-service condition or to trigger information disclosure and privilege escalation.
In addition, Donenfeld pointed out that the flaws can be chained to achieve arbitrary read/write and root access.
Unfortunately, the iOS kernel exploit could be used to bypass all iOS security mitigations. To keep their devices safe, iOS users should update them to the most recent version of iOS.