The computer security company Elcomsoft recently highlighted a flaw affecting iPhone, iPad and iPod devices running iOS 12 through iOS 13.3. The flaw relies on a vulnerability built into certain Ax processor chips, and it is quite serious: it allows an attacker to access information on a locked iOS device without unlocking it, even when the device is in the so-called BFU state.
This BFU state, for Before First Unlock, is the hardest lock state on an iOS device. An iPhone, iPad, or iPod is in BFU state after a first start-up or restart, while no attempt to unlock has yet been made by the user.
In the BFU state, data on the iOS device is normally very securely encrypted until the user makes their first unlock attempt with a passcode.
Yet, according to Elcomsoft, it is possible to access data from an iPhone or iPad even in the BFU state, such as entries from the keychain, which notably contains passwords, user identifiers and email addresses. The procedure does, however, require installing jailbreak software on the targeted device, and this can be done even on an iPhone in BFU state.
Which iPhones are affected?
Elcomsoft specifies that the security flaw no longer exists on recent Ax chips. iOS devices equipped with an A12 processor or a newer model are therefore not affected. All iOS devices equipped with an A7, A8, A9, A10 or A11 chip, however, carry the vulnerability described above, namely the following iPhone and iPad models:
- iPhone 5s, iPhone 6 and 6 Plus, iPhone 6s and 6s Plus, iPhone SE, iPhone 7 and 7 Plus, iPhone 8 and 8 Plus, iPhone X
- iPad Air 1 and 2, iPad mini 2, 3 and 4, iPad Pro 12.9″ (1st and 2nd generation), iPad Pro 9.7″, iPad Pro 10.5″, iPad (5th and 6th generation)
How is the flaw exploited?
The tool used by Elcomsoft costs $1,500. And because exploiting the flaw means installing the jailbreak that underlies the procedure, the attacker must have physical possession of the iPhone or iPad.
With its A12 and newer chips, Apple appears to have already corrected the problem in hardware. But will it be able to correct, through a software update, the flaw highlighted here by Elcomsoft and present on millions of iOS devices already in circulation? That is far from certain.