Unc0ver team releases new jailbreak package that can unlock iPhones running iOS 13.5

The tool uses zero-day bug in the Darwin XNU kernel

Developers behind the Unc0ver jailbreaking tool have released a new version of their software that uses an unpatched zero-day bug to unlock all iPhones, including those running the latest iOS 13.5 version that was released last week.

Jailbreaks are a type of custom tools that exploit security bugs in the iOS to grant users root access over their device. Jailbreaking an iPhone or iPad enables users to modify their device's software to install unauthorised, third-party apps which are not available through the App Store.

Security experts usually advise users not to jailbreak their iOS device because that may open doors for hackers to launch malware and other attacks. Even visiting a malicious website could enable threat actors to take control of the jailbroken device.

Last week, the Unc0ver team released version 5.0.0 of their software, claiming that it can work across all iOS devices, including Apple TV. The team also disclosed that the tool uses a zero-day bug in the Darwin XNU kernel that controls the hardware on Apple's devices.

According to Unc0ver, Apple is currently not aware of the zero-day security vulnerability, which was uncovered by Pwn20wnd, a member of 'Unc0ver' team.

Pwn20wnd said in a tweet that the latest version of the tool is the first zero-day jailbreak released since iOS 8.

Every other jailbreak released since iOS 9 used 1-day exploits that were either patched in the next beta version or the hardware, and therefore could not work on the current iOS version.

The Unc0ver website says they have extensively tested their tool, and found it to be compatible across a broad range of devices, from iPhone 6S to iPhone 11 Pro Max models, running versions iOS 11.0 through iOS 13.5, but excluding versions 12.3 to 12.3.2 and 12.4.2 to 12.4.5.

Apple iOS services such as iMessage, iCloud, Pay and FaceTime will continue to work after jailbreaking, Unc0ver said. Moreover, the jailbreak will persist between device restarts and will also survive software updates, they claimed.

Before the release of the tool, 'checkra1n' software was the only way to jailbreak devices up to the iPhone 8 and iPhone X.

In August last year, Apple released iOS 12.4.1 to re-patch a security vulnerability that was fixed in iOS 12.3 version (released in May 2019) but it was unpatched again in July with the release of iOS 12.4.

The bug, tracked as CVE-2019-8605, enabled targeted iPhones and iPads to be jailbroken, allowing attackers to take control of the device.

Last year, Apple also upped its maximum bug bounty from $200,000 to $1 million in a bid to ensure that security researchers turn-in any security flaws they find to Apple, rather than selling them to hackers.