Monday, January 28, 2019

PoC for Remote iOS 12 Jailbreak On iPhone X Released By A Chinese Hacker, Apple Promply Patches The Flaws.

A Chinese security researcher Qixun Zhao of Qihoo 360's Vulcan Team, the exploit takes advantage of two security vulnerabilities that were first demonstrated at TianfuCup hacking contest held in November last year and then was later responsibly reported to the Apple security team.
The root of the hack is two flaws, a type confusion memory corruption flaw (CVE-2019-6227) in Apple's Safari WebKit and a use-after-free memory corruption issue (CVE-2019-6225) in iOS Kernel.

A demo of the hack.

https://twitter.com/TianfuCup/status/1063630137306959873

0 comments:

Blog Widget by LinkWithin