For the past several years, the overwhelming majority of jailbreaks have been semi-untethered, meaning that you could still use a handset liberated by said tools after a reboot, albeit in a non-jailbroken state until the jailbreak app is run again.
The lack of untethered jailbreaks — or those that remain fully jailbroken following a reboot — has been a pain point for jailbreakers for as long as anyone can remember. For that reason, a Tweet shared by @LinusHenze Monday afternoon might be of particular interest…
The Tweet, which is accompanied by a video, appears to demonstrate an untethered jailbreak on an iPhone 12 Pro Max running iOS 14.5.1 that utilizes a handful of exploits:
In the video, Henze boots the handset up without any cables attached and immediately begins showing the installed firmware version and hardware model. Afterward, Henze shows off a working Sileo package manager.
Based on the Tweet, we can discern that the exploits used include CVE-2021-30740, CVE-2021-30768, CVE-2021-30769, CVE-2021-30770, and CVE-2021-30773.
From what we can gather, CVE-2021-30740 was patched in iOS & iPadOS 14.6, while the other four mentioned above were patched in the newer iOS & iPadOS 14.7. The earliest release to close any of the five is therefore iOS & iPadOS 14.6, which means the untether would only work on iOS & iPadOS 14.5.1 and below unless another kernel exploit could replace the one patched by iOS & iPadOS 14.6.
Henze is a reputable source for iPhone security research, having released exploits in the past. However, it remains to be seen if Henze will release this untether or any documentation that could help to produce one for the common jailbreaker.
In any case, it’s awesome to see that this type of jailbreak is still possible despite all the software defenses that Apple lauds with every update.
Does seeing this make you hopeful that we’ll see another untethered jailbreak at some point in the future? Discuss your thoughts in the comments section down below.