Pwn20wnd iOS 12.4.1 jailbreak publicly released – Unc0ver V_2.0 semi-tethered

A hacker has released the first public jailbreak for modern iPhones in several years, according to a new report from Motherboard. The report details that with the release of iOS 12.4, Apple accidentally unpatched a vulnerability that it had originally fixed in iOS 12.3, opening the door for this jailbreak to be publicly released for iOS 12.4.1.

Security researcher Pwn20wnd has released a public, semi-tethered jailbreak for iOS 12.4.1, Unc0ver V_2.0, which seemingly works on all recent iPhone models.

This marks the first time in years that such a jailbreak has been released to the public. The jailbreak works on iOS 12.4.1 as well as any other version below iOS 12.3.

In general, jailbreak details are kept private to keep Apple from patching them. Furthermore, jailbreaks are coveted among security researchers because “the ability to jailbreak an iPhone means the ability to hack it,” and exploits can often sell for millions of dollars.

I haven’t used this jailbreak myself, so I can’t confirm first-hand anything else you’ll need to do to ensure it keeps working. As iClarified writes for earlier versions of iOS:

iClarified iOS 12.4.1 jailbreak Updates
  • This is a semi-tethered jailbreak so you will need to launch unc0ver and tap Jailbreak each time you reboot.
  • If you don’t have a developer account you will need to re-sideload the unc0ver app every seven days.

We never said jailbreaking was easy. However, this is the price you pay for hacking your iPhone or iPad to run whatever you want.

Numerous iPhone users have already taken to Twitter to show off their newly-jailbroken devices, including the recent iPhone X and iPhone XR.

The bug in question was first reported to Apple by Google’s Project Zero team. Apple detailed the fix in the security release notes for iOS 12.4.1.

Ned Williamson works for Google Project Zero and confirmed to Vice that the iOS 12.4.1 jailbreak worked on his iPhone XR.

Williamson also explained the security concerns that arise because of Apple mistakenly un-patching the vulnerability:

“A user apparently tested the jailbreak on 12.4 and found that Apple had accidentally reverted the patch,” Williamson told Motherboard. The researcher told Motherboard that “somebody could make a perfect spyware” taking advantage of Apple’s mistake.

For example, he said, a malicious app could include an exploit for this bug that allows it to escape the usual iOS 12.4.1 sandbox—a mechanism that prevents apps from reaching data of other apps or the system—and steal user data. Another scenario is a hacker including the exploit in a malicious web page, and pairing it with a browser exploit, according to the researcher.

It’s likely that Apple will release iOS 12.4.1 in the coming days to re-fix this vulnerability. Until then, security researcher Stefan Esser recommends all users be wary of what apps they install from the App Store because “any such app could have a copy of the jailbreak in it.”