Security News This iOS exploit lets users change font system-wide

Ink

WARNING: Installing IPA files can be dangerous and may compromise the security of your iOS device and app data. Sharing credit link for educational purposes only.

Recommended update: iOS 16.2. More info: Apple security updates

The developer, Zhuowei Zhang, made a tool that changes an iPhone's system-wide font by exploiting a security loophole present in past versions of iOS 16. The security loophole Zhang used to make the tool was patched in iOS 16.2, meaning an iPhone will have to be running iOS 16.1.2 or older to use the tool and change its system-wide font.
Source: iOS 16 Exploit Lets You Change Your iPhone's Font System-Wide

Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689. Works on iOS 16.1.2 and below (tested on iOS 16.1) on unjailbroken devices.

I'm not going to work on this app further.

Fonts included:
  • DejaVu Sans Condensed
  • DejaVu Serif
  • DejaVu Sans Mono
  • Go Regular
  • Go Mono
  • Fira Sans
  • Segoe UI
  • Comic Sans MS
  • Choco Cooky
You can also import custom fonts that were ported for iOS.
Credit: GitHub - zhuowei/WDBFontOverwrite: Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.
 
