Apple recently pushed the official version of the iOS 15.2 update, bringing a number of new content and bug fixes. According to the Apple jailbreak team Qi’an Pangu, Apple also fixed a remote jailbreak vulnerability in iOS 15.2, which can remote jailbreak the iPhone in one second.
The white-hat hacker slipper of Pangu Lab used multiple vulnerabilities such as the Safari browser and the iOS kernel to carry out combined attacks to obtain the highest control authority of the mobile phone and crack iPhone 13 remotely in 1 second.
From the perspective of the attack principle, when the user clicks on the forged link, the remote code execution vulnerability of the Safari browser can be triggered, allowing the attacker to execute the attack command remotely.
After bypassing the Safari browser protection mechanism, the slipper once again used multiple vulnerabilities in the iOS15 kernel and the A15 chip to perform a combined attack, successfully bypassing multiple security protection mechanisms, and obtained the highest control of the mobile phone and can obtain information at will. Including photo albums, apps, etc., you can even directly delete data on the device or execute other arbitrary commands.
The user clicks a link to trigger an attack without other interaction. The whole cracking process only takes 1 second. This kind of fast attack and simple trigger method is very harmful to users.