Mobile Solutions Oct 2, 2019

Critical vulnerability in Apple hardware: checkm8 boot ROM exploit.

Over the years, Apple has worked hard to develop an unassailable reputation for security, at least with respect to the iPhone. However, the company has been plagued by a number of issues in the past few months. Now there’s a new vulnerability, the checkm8 boot ROM exploit, that Apple cannot patch. Our expert, Matthias Beck, a System Engineers Team Leader, explains what it’s all about.


What happened?

On 27 September 2019, a hacker named Axi0mX published an exploit affecting Apple devices with A5 to A11 chips—in other words, all device generations from the iPhone 4s to the iPhone X, regardless of the iOS version installed. Even iOS 13 isn’t safe, as the issue cannot be patched with software.


checkm8 exploits a boot ROM vulnerability that lets attackers install malware, a keylogger or something similar on the affected phone, or eavesdrop on network traffic. Personal and business data are unaffected if you use an iPhone 6 or later and protect it with a lock screen using a PIN, passcode, Face ID or Touch ID.


What does this mean for you and your users?

A boot ROM exploit is a type of tethered jailbreak, meaning it must be run every time the device is restarted. If you suspect a device has been affected, the first thing to do is restart it. Moreover, the attacker needs physical access to the device, since it has to be connected to a computer via USB. The attacker would also have to crack any lock screen protecting your device before they could access personal or business data.


My two cents.

Based on my experience working on customer projects, hardly any companies actively use iOS devices predating the iPhone 6s. The devices they do use are covered by mobile device management and required to have a lock screen with at least six characters and no ascending number sequences.


That being said, this vulnerability does exist. Your in-house IT department should assess the risk for your users and whether you should switch over to newer devices with an A12 or A13 chip. I highly recommend informing users about the potential risk as well as reviewing your device password requirements. In addition, you should be managing all mobile devices using an MDM solution that not only is able to detect jailbreaks and threats on the device, but will notify you of them and initiate countermeasures.

Matthias Beck
Team leader System Engineers
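
The risk assessment recommended above can start from an MDM inventory export. The following is an added example, not code from the article or its author: it flags iPhones in the A5 to A11 range by Apple model identifier and checks the lock-screen conditions the article names. The CSV column names, the sample rows and the triage labels are assumptions made for illustration, and only iPhone identifiers are handled.

```python
import csv
import io
import re

# Constructed sample of an MDM inventory export (column names are assumptions).
SAMPLE_CSV = '''serial,model_identifier,passcode_set,passcode_min_length
SAMPLE01,"iPhone6,1",yes,6
SAMPLE02,"iPhone8,1",no,0
SAMPLE03,"iPhone10,6",yes,6
SAMPLE04,"iPhone10,3",yes,4
SAMPLE05,"iPhone11,8",yes,6
SAMPLE06,"iPad7,5",yes,6
'''

MODEL_RE = re.compile(r"^iPhone(\d+),(\d+)$")
# iPhone4,1 is the iPhone 4s (A5); iPhone10,x covers iPhone 8, 8 Plus and X (A11).
AFFECTED_MAJORS = range(4, 11)
IPHONE6_MAJOR = 7        # iPhone7,x is the iPhone 6 / 6 Plus
MIN_PASSCODE_LENGTH = 6  # the lock-screen length named in the article


def classify(row):
    """Return a triage label (labels are hypothetical) for one inventory row."""
    match = MODEL_RE.match(row["model_identifier"].strip())
    if not match:
        return "unknown-model"          # only iPhone identifiers are handled here
    major = int(match.group(1))
    if major not in AFFECTED_MAJORS:
        return "outside-a5-a11"         # not in the chip range the article names
    locked = row["passcode_set"].strip().lower() == "yes"
    if major < IPHONE6_MAJOR or not locked:
        return "replace-first"          # older than iPhone 6, or no lock screen
    if int(row["passcode_min_length"] or 0) < MIN_PASSCODE_LENGTH:
        return "tighten-passcode"       # affected, locked, but passcode too short
    return "plan-replacement"           # affected hardware, lock screen in place


def triage(csv_text):
    """Map each device serial to its triage label."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return {row["serial"]: classify(row) for row in reader}


if __name__ == "__main__":
    for serial, label in triage(SAMPLE_CSV).items():
        print(serial, label)
```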