The most awaited presentation at HITB CyberWeek 2020 was the one by security researcher 08Tc3wBB. An exploit for iOS & iPadOS 13.5.1-13.7 has now been publicly released by the associated security company ZecOps.
The announcement was posted via the ZecOps Twitter account on Thursday afternoon. ZecOps links to a blog post on the company's own website that explains the exploit, including how it functions as a proof of concept and how other experts might make use of it. It is a proof of concept for Local Privilege Escalation (LPE) that can be compiled with Xcode and side-loaded onto your iPhone or iPad. Importantly, this needs a Mac.
For the jailbreak community, this is good news, because the exploit is able to achieve tfp0, also known as the kernel task port. This allows the handset's kernel memory to be read and written arbitrarily. As you would expect, this is just the kind of exploit that a jailbreak developer needs to build a jailbreak for the affected versions of iOS or iPadOS.
As we know from 08Tc3wBB's previous statement, the vulnerability will be shared with Pwn20wnd, the lead developer of unc0ver. Using this exploit, it is possible to upgrade the jailbreak tool to support the targeted iOS and iPadOS versions. But now that the vulnerability has been released to the public, it should be valuable to other jailbreak teams as well.
CoolStar, lead developer of the Odyssey Team jailbreak, made this statement via their official Discord channel. He confirmed that the jailbreak will be modified to support up to iOS & iPadOS.
Official support for iOS & iPadOS 13.5.1-13.7 could soon be added to all the main public jailbreak tools. FreeTheSandbox is currently preparing to release its own jailbreak tool with iOS & iPadOS 13.5.1-13.7 support as an added option. They still hope to keep it as an exploit for later iOS and iPadOS versions.