Apple has accidentally put iOS users at risk of jailbreak attacks that can enable malicious applications to run arbitrary code with administrative privileges on vulnerable devices. The jailbreak attacks were previously possible due to a critical flaw in iOS 12.2. While this vulnerability, tracked as CVE-2019-8605, was resolved in iOS 12.3, Apple accidentally reintroduced it for 12.4, which is the latest version of its mobile operating system.
Exploiting the flaw will be easy for threat actors because a security researcher going by the moniker Pwn20wnd has published a jailbreaking tool that can be used for this purpose. The tool, called unc0ver, was originally designed for iOS 12.2 devices, but the latest version (v3.5.0) supports attacks on iOS 12.4 devices as well.
Read more: iOS 12.4 Jailbreak Released After Apple Unpatches Older Bug