Chinese security researchers Min Zheng and Xiaolong Bai have taken to Twitter to show off a POP attack proof on the iPhone XS Max running iOS 12.1.2. Min Zheng had earlier showcased a similar security exploit, but that was only applicable to an iPhone 6s.
Through their continued work, the two researchers have now managed to get task_for_pid_0 and root access on an iPhone XS Max running iOS 12.1.2.
Finally! (Mach) Port-oriented Programming (a.k.a POP) Attack Proof 3: Get task_for_pid_0 & root on iOS 12.1.2 (iPhone XS Max with A12 core), by @bxl1989 and @SparkZheng . PAC bypassed now! pic.twitter.com/gL3LZMnqUj
— Xiaolong Bai (@bxl1989) January 15, 2019
This essentially means that exploits exist for the A12 Bionic chip that can pave the way for a potential iOS 12.x jailbreak. Sadly, it is unlikely that we will see Zheng and Bai release their security exploit to the public. These talented security researchers are known to show off security exploits on various iOS versions and iPhones, but they rarely release them to the public.
This is not the first security exploit that we have seen being demoed for iOS 12, though it is certainly the first for iOS 12.1.x running on an A12 device like the iPhone XS. A powerful sandbox escape in iOS 12 has also been discovered that can be used to launch Pangu’s IOHID exploit, which in turn can lead to an iOS 12 jailbreak. However, someone with the required skill and time needs to put in a certain amount of hard work to turn this into a reality.