This morning, an iOS security researcher announced the release of a new iOS exploit named checkm8 that affects almost every iPhone released before late 2018. It is a permanent, unpatchable bootrom exploit, affecting devices from the iPhone 4S up to the iPhone X.
A bootrom (Apple calls it SecureROM) is read-only memory built into the device's SoC that holds the very first code executed when the system starts up. Because that code is the root of the device's boot chain and, by design, cannot be modified, a bug in it is the most serious class of flaw a device can have: it can be neither patched nor worked around by a software update.
Thanks to the researcher, the code needed to exploit it is now freely available on GitHub.
The exploit provides the capability to run arbitrary code from the earliest stage of boot, which in turn makes it possible to install arbitrary software, obtain root permissions, and escape the sandbox. It is particularly concerning because the bug lives in a place that cannot be fixed without replacing the hardware.
List of impacted devices:
iPhones from the 4S up to the iPhone X
iPads from the 2 up to the 7th generation
iPad Mini 2 and 3
iPad Air 1st and 2nd generation
iPad Pro 10.5-inch and 12.9-inch 2nd generation
Apple Watch Series 1, Series 2, and Series 3
Apple TV 3rd generation and 4K
iPod Touch 5th generation to 7th generation
Keep in mind that more devices may be added as soon as the code is run and verified on other hardware.
Checkm8 works even on a locked device, but it is important to understand that it is not a remote exploit. To compromise your iPhone, an attacker would need to have it physically in hand. The device would need to be connected to a computer and put into DFU (Device Firmware Upgrade) mode, and because the exploit runs against code in ROM it does not persist: the device has to be re-exploited every time it restarts.
As far as anyone is aware, this exploit has not yet been weaponized. Of course, it could already be in quiet use by criminals, forensics companies, and surveillance vendors.
Coming on the heels of Google Project Zero's report on the exploit chains, reportedly used by China, that chained 14 different vulnerabilities to infect the iPhones of Uyghurs with malware, this adds to the tarnish on iOS's reputation for security. iOS has long been regarded as the most secure mainstream mobile system available. These incidents, however, raise hard questions about whether that is still the case.
Make no mistake, this is a serious issue for Apple and iOS security. What’s important to know here is that, so far, checkm8 only represents a potential danger.
We don’t see checkm8 as something that should drive people away from iOS.
The version of iOS, iPadOS, watchOS or tvOS does not matter at all, because Apple cannot patch this in a software update. Only purchasing a new device with a newer chip removes the problem. Apple's A12 and later chips, used in newer devices (iPhone XS, iPhone XR, the iPhone 11 series, and the 3rd generation iPad Pro), are not vulnerable.
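The two practical questions a defender or analyst has after reading the above are whether a connected device is actually sitting in the DFU mode the exploit needs, and whether its SoC falls in the affected A5 to A11 range rather than A12 and later. The following is an added example, not code from the article or from the checkm8 project. It classifies USB devices from their vendor/product IDs and the KEY:VALUE serial string that an Apple device in DFU mode reports (CPID, BDID, ECID, SRTG and so on). The USB IDs and CPID values are public Apple identifiers rather than anything stated on this page, and the sample device list is constructed for the example.

```python
import re

# Apple's USB vendor ID and the product ID a device exposes while in DFU mode.
# Public USB identifiers (not taken from the article); Recovery mode uses 0x1281.
APPLE_VID = 0x05AC
DFU_PID = 0x1227

# SoC chip IDs (CPID) as reported in the DFU serial string. The split follows the
# article's device list: A5 (iPhone 4S, Apple TV 3) through A11 (iPhone X) are
# affected, A12 and later are not. Values are public Apple identifiers, not from
# the article.
AFFECTED_CPIDS = {
    0x8940: "A5", 0x8945: "A5X", 0x8950: "A6", 0x8955: "A6X",
    0x8960: "A7", 0x7000: "A8", 0x7001: "A8X",
    0x8000: "A9", 0x8003: "A9", 0x8001: "A9X",
    0x8010: "A10", 0x8011: "A10X", 0x8015: "A11",
}
UNAFFECTED_CPIDS = {0x8020: "A12"}

# Constructed sample inventory of (vendor_id, product_id, usb_serial_string).
# The serial strings mimic the DFU format; the ECIDs are zeroed placeholders.
SAMPLE_DEVICES = [
    (0x05AC, 0x1227, "CPID:8015 CPRV:11 CPFM:03 SCEP:01 BDID:0C "
                     "ECID:0000000000000000 IBFL:3C SRTG:[iBoot-3332.0.0.1.23]"),
    (0x05AC, 0x1227, "CPID:8020 CPRV:11 CPFM:03 SCEP:01 BDID:0E "
                     "ECID:0000000000000000 IBFL:3C SRTG:[iBoot-0000.0.0.0.0]"),
    (0x05AC, 0x12A8, "00008020-000000000000001E"),   # normally booted phone
    (0x046D, 0x0825, "webcam"),                       # unrelated device
]


def parse_dfu_serial(serial):
    """Split a DFU-mode serial string into a dict of KEY -> value.

    Bracketed values such as SRTG:[iBoot-...] are returned without brackets.
    """
    fields = {}
    for m in re.finditer(r"(\w+):(\[[^\]]*\]|\S+)", serial):
        fields[m.group(1)] = m.group(2).strip("[]")
    return fields


def assess_device(vid, pid, serial):
    """Return (in_dfu, soc_name, affected) for one USB device.

    in_dfu   False unless the device is Apple VID with the DFU PID.
    soc_name name from the CPID tables, or None if unknown.
    affected True/False from the tables, or None when it cannot be decided.
    """
    if vid != APPLE_VID or pid != DFU_PID:
        return (False, None, None)
    fields = parse_dfu_serial(serial)
    try:
        cpid = int(fields.get("CPID", ""), 16)
    except ValueError:
        return (True, None, None)      # in DFU but serial not in expected format
    if cpid in AFFECTED_CPIDS:
        return (True, AFFECTED_CPIDS[cpid], True)
    if cpid in UNAFFECTED_CPIDS:
        return (True, UNAFFECTED_CPIDS[cpid], False)
    return (True, None, None)          # DFU mode, SoC not in either table


def scan(devices):
    """Assess every device in an inventory; returns a list of assessment tuples."""
    return [assess_device(vid, pid, serial) for vid, pid, serial in devices]


if __name__ == "__main__":
    for dev, result in zip(SAMPLE_DEVICES, scan(SAMPLE_DEVICES)):
        in_dfu, soc, affected = result
        print(f"{dev[0]:04x}:{dev[1]:04x} dfu={in_dfu} soc={soc} affected={affected}")
```

On a real host the inventory would come from `lsusb -v` or `system_profiler SPUSBDataType` rather than the constructed list; the point is that only a device reporting the DFU product ID is even a candidate, and the CPID in its serial string decides whether it is in the affected generation.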