Unrecoverable vulnerability found in iPhone

Recently, Chinese developers have identified inApple devices an unrecoverable vulnerability that allows you to bypass the security system of smartphones and tablets of the company. The fatal vulnerability was first discovered in the SEP (Secure Enclave Processor) security chip, which has been used since 2013 in processors starting with the Apple A7.

The vulnerability affected the embedded software, which explainsimpossibility of its elimination, as there is no technical possibility to update this software. SEP processors contain data about passwords, private data, biometrics, allowing you to enter various services.

Exploit Checkm8 is used for hacking,bypassing the automatic device lock after ten attempts to enter the wrong password. Checkm8 exploits a vulnerability in Apple Bootrom (SecureROM), the first code to run when the iPhone boots. As a result, access is provided at the system level.

Using the found vulnerability, you can getaccess to data of users of any iPhone or iPad in which processors from A7 to A11 are installed. These are, first of all, smartphones models from iPhone 5s to iPhone X. To carry out a hack, a hacker must have physical access to the device and spend time guessing the password. During this time, the owner of the device will be able to remotely lock the iPhone and erase all data from its memory.

Source: securitylab