Updated ‘unc0ver’ Tool Now Jailbreaks All iPhone Models Running iOS 11.0 – 14.3

March 2, 2021

The popular jailbreaking tool “unc0ver” has received an update that allows it to jailbreak a wide range of iPhone models running iOS versions from 11.0 to 14.3. This update, known as unc0ver v6.0.0, leverages a kernel vulnerability, identified as CVE-2021-1782, which Apple acknowledged was actively exploited as of January. Lead developer Pwn20wnd announced the release on Sunday, emphasizing that the tool can now unlock devices across various iOS versions, including 12.4.9-12.5.1, 13.5.1-13.7, and 14.0-14.3. The vulnerability allows malicious apps to escalate their privileges due to a race condition in the kernel. According to Pwn20wnd, “We wrote our own exploit based on CVE-2021-1782 for #unc0ver to achieve optimal exploit speed and stability.” Apple has since addressed this flaw in its updates for iOS and iPadOS 14.

Updated ‘unc0ver’ Tool Enables Jailbreak for All iPhone Models Running iOS 11.0 to 14.3

On March 2, 2021, the renowned jailbreaking utility known as “unc0ver” received a significant update, allowing it to jailbreak all iPhone models operating on iOS versions from 11.0 to 14.3. This development comes in light of a vulnerability that Apple reported was being actively exploited in the wild as of January. The latest version, designated unc0ver v6.0.0, was released on Sunday and introduces expanded compatibility to leverage a kernel vulnerability that has been traced back to a specific flaw identified as CVE-2021-1782.

This vulnerability is classified as a privilege escalation issue stemming from a race condition within the kernel, which could enable a malicious application to gain elevated privileges. Lead developer Pwn20wnd stated that the team developed a custom exploit based on CVE-2021-1782 to maximize both the speed and stability of the jailbreaking process. Affected iOS versions include 12.4.9 to 12.5.1, 13.5.1 to 13.7, and 14.0 to 14.3.

From a cybersecurity perspective, this vulnerability raises serious concerns for business owners and tech professionals alike. The ability to exploit such weaknesses significantly increases the risk of unauthorized access to sensitive data and systems. As Apple’s mitigation strategies have been rolled out in subsequent patches in iOS and iPadOS 14, the window of vulnerability persists for devices that remain unupdated.

In terms of MITRE ATT&CK tactics, this scenario highlights risk areas such as initial access and privilege escalation. Attackers could utilize social engineering methods or phishing schemes to gain initial access to devices running these vulnerable versions. Once access is attained, utilizing the identified flaws to escalate privileges could potentially allow adversaries to install malicious applications or execute unauthorized commands.

For organizations that rely on iOS devices, maintaining software updates is crucial to safeguarding against these sorts of vulnerabilities. Monitoring for advisories and being proactive about applying security patches can play a significant role in mitigating the risks posed by such exploits. The implications of the unc0ver tool’s capabilities underscore the necessity for heightened awareness among businesses regarding the cybersecurity landscape.

Despite Apple’s efforts to secure its operating systems, the cat-and-mouse game between developers of jailbreaking tools and vendor security teams continues to challenge cybersecurity efforts. Ensuring that devices are running the latest operating systems not only enhances overall security but also assists in protecting sensitive corporate information from potential breaches facilitated by such exploits.

Source link

Related Posts

Urgent: New Chrome 0-Day Vulnerability Under Active Exploitation – Update Your Browser Immediately!

On March 3, 2021, just a month after addressing an actively exploited zero-day flaw, Google has released updates for another critical vulnerability in Chrome, which is reportedly being targeted by attackers. The latest version, Chrome 89.0.4389.72, available for Windows, Mac, and Linux, includes a total of 47 security enhancements. The most severe issue addresses an “object lifecycle problem in audio,” tracked as CVE-2021-21166. This vulnerability was among two reported by Alison Huffman of Microsoft Browser Vulnerability Research on February 11. A separate audio-related object lifecycle flaw was reported to Google on February 4, coinciding with the launch of Chrome 88. Though details are limited, it’s unclear whether the two issues are interconnected. Google has confirmed the existence of exploits in the wild but hasn’t provided further specifics. Users are urged to update their browsers without delay.

URGENT: Four Actively Exploited 0-Day Vulnerabilities Found in Microsoft Exchange Server

March 3, 2021

Microsoft has issued emergency patches for four previously undisclosed security vulnerabilities in Exchange Server that are currently being exploited by a new state-sponsored threat actor from China, aimed at data theft. The Microsoft Threat Intelligence Center (MSTIC) describes these attacks as “limited and targeted,” revealing that the adversary exploited these vulnerabilities to gain access to on-premises Exchange servers, allowing them to infiltrate email accounts and install malware for prolonged access to the victim’s environment. Microsoft confidently attributes this campaign to a group known as HAFNIUM, a sophisticated state-sponsored hacker collective based in China, while also suggesting the potential involvement of other groups. In discussing HAFNIUM’s tactics, techniques, and procedures (TTPs), Microsoft highlights the group’s high level of skill and sophistication.

Urgent: Critical RCE Vulnerability Discovered in F5 Big-IP Platform—Immediate Patching Required!

On March 11, 2021, F5 Networks issued an advisory highlighting four severe vulnerabilities across various products that could lead to denial of service (DoS) attacks and unauthenticated remote code execution on affected networks. The advisory addresses a total of seven related flaws (CVE-2021-22986 through CVE-2021-22992), including two identified by Felix Wilhelm of Google Project Zero in December 2020. The four critical vulnerabilities impact BIG-IP versions 11.6, 12.x, and newer, with a notable pre-auth remote code execution issue (CVE-2021-22986) also affecting BIG-IQ versions 6.x and 7.x. F5 has stated that it is not currently aware of any public exploitation of these vulnerabilities. If successfully exploited, these flaws could lead to complete system compromise, enabling remote code execution and potential buffer overflow, resulting in DoS conditions. Customers are strongly urged to apply updates immediately.

Released ProxyLogon Exploit PoC: A Potential Catalyst for Increased Cyber Attacks

March 11, 2021

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint advisory on Wednesday, highlighting ongoing exploitation of vulnerabilities in Microsoft Exchange on-premises products by both nation-state actors and cybercriminals. “CISA and FBI assess that adversaries could exploit these vulnerabilities to compromise networks, steal sensitive information, encrypt data for ransom, or conduct destructive attacks,” the agencies stated. They also noted that compromised networks might be sold on the dark web. Recent attacks have mainly targeted local governments, academic institutions, NGOs, and businesses across various sectors such as agriculture, biotechnology, aerospace, defense, legal services, power utilities, and pharmaceuticals—consistent with previous activities linked to Chinese cyber threats. Tens of thousands of entities, including the Eur…