BootROM Exploit Called “checkm8” Affects Almost All iPhones and iPads

• A researcher discovered a BootROM exploit that works on almost all iOS devices out there.
• The exploit requires physical access to the target device and its connection to a computer.
• Researchers and hackers will now engage in finding possible ways to incorporate the exploit into their jailbreaking tactics.

An iOS security researcher that goes by the Twitter handle “axi0mX” has announced an “Epic Jailbreak” which he named “checkm8”. According to the researcher’s claims, there’s a BootROM exploit that renders almost all generations of iPhones and iPads vulnerable to partial compromise, and the proof of concept is now available on GitHub. The devices that are susceptible to this type of attack are all iPhone generations from 4s and up to the X, all iPads from the 2nd to the 7th generation, Apple Watch Series 1, 2, and 3, the iPad Air 1st and 2nd gen, the 2nd generation of the iPad Pro, the 3rd generation of the Apple TV, and the fifth, sixth, and seventh generation of the iPod Touch.

EPIC JAILBREAK: Introducing checkm8 (read "checkmate"), a permanent unpatchable bootrom exploit for hundreds of millions of iOS devices.

Most generations of iPhones and iPads are vulnerable: from iPhone 4S (A5 chip) to iPhone 8 and iPhone X (A11 chip). https://t.co/dQJtXb78sG

— axi0mX@infosec.exchange (@axi0mX) September 27, 2019

So what is “BootROM” exactly? It’s Apple’s “SecureROM” which is a device start-up code that is stored in a read-only memory chip for protection. That said, Apple has no way to push an update to the BootROM code, and thus, finding an exploit in it means that it’s a permanent flaw unless you have a way to replace the hardware. Since this is ruled out, the next question that comes into mind is, how serious this is.

Simply put, I wouldn’t call it a ground-shaking flaw, but it still holds great importance. The checkm8 exploit needs local, physical access to the target device, while the attacker would need to connect it to a computer and put it into DFU (Device Firmware Upgrade) mode. Moreover, checkm8 won’t do much damage on its own, but only if it’s combined with another vulnerability to enable real jailbreaking, sandbox escaping, accessing data, planting spyware, etc. This means that you should be careful with the service guy that needs to keep your device in order to fix it, as entering DFU mode doesn’t require a password, and “checkm8” works on locked devices as well.

The implications of the discovery of a BootROM exploit extend to forensics and “professional spyware” service providers like Cellebrite and NSO. These companies are bound to figure out a way to put checkm8 into their hacking galore and make it a precious link in their exploit chain. This naturally damages the iOS reputation as the most secure mobile OS, but for the regular user right now, it isn’t something to panic about. Time will allow the full exploitation potential of “checkm8” to unfold, and we’ll be here to discuss it again.

Have something to comment on the above? Share your thoughts with us in the comments below, or join the discussions on our socials, on Facebook and Twitter.