Today news broke today of Jamf’s latest research around a new vulnerability on iPhones dubbed ColdInvite that allows attackers to take advantage of a known vulnerability called ColdIntro in certain versions of iOS.
ColdInvite was found by security researcher 08tc3wbb when analyzing ColdIntro, which was patched last year. While looking deeper into this vulnerability, Jamf’s researcher uncovered some “interesting and mysterious” information leading to the discovery of ColdInvite.
When Apple released iOS 15.6.1 to patch ColdIntro, the goal was to mitigate the method used by an attacker to jump from the co-processor to the application processor (AP). However, Jamf has now discovered that the initial patch was incomplete. It mitigated one of the ways an attacker could escape the co-processor, but it didn’t address the root cause of the underlying vulnerability.
ColdInvite allows threat actors to similarly escape from the display co-processor to the AP kernel, opening the door to potential device takeovers and the accessibility of sensitive information. Jamf says the discovery of ColdInvite is likely just the beginning of more and more co-processor attacks and escape vulnerabilities that we’ll see as the threat landscape continues to evolve.
1 Comment
Comments are closed.