Developer exploited CVE-2022-46689 to overwrite fonts on unjailbroken iOS 16.1.2
At present, the user cannot modify the iOS system font. Apple does not provide such a function, but a developer has exploited the security vulnerability and realized font replacement without jailbreaking. Only iOS 16.1.2 and below are supported.
This flaw is CVE-2022-46689 (CVSS score: 8.4). With the help of the vulnerability, arbitrary code can be executed with kernel privileges, and of course, it can also be used to change fonts.
CVE-2022-46689 could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition in the iOS kernel. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with kernel privileges.
Developer @Zhuowei Zhang shared the proof-of-concept on Twitter. Although it is said that the font is modified globally, some fonts cannot be replaced. The fonts must be ported for iOS to import into the system.
In addition, modifying the font has no effect on the iPhone, because as long as the system is restarted, everything will return to the previous state. At present, the font modification has not persisted.
Although the developer has published the relevant code on Github, ordinary users cannot use it. Users must compile it through Xcode or sign the IPA file with a developer certificate to install it.
