We know that your employees lurk here, use tools that we've created internally and that our ideas have been implemented by you more than once, so help us help you - I promise that we don't bite įinally, I encourage Amazon/Lab126 to provide a method of unlocking their devices that doesn't involve the need of a 0-day, both for security researchers and for technical users who are interested in modifying their devices.
If you're concerned about the security of your device and do not wish to jailbreak, install firmware version 5.14.3 from this link - I've been working with Amazon to create a fix and can confirm that this version has been hardened against this vulnerability.Īdditional thanks to everyone at Amazon/Lab126 who contributed towards this. This vulnerability is released in good faith and in the hope that other security researchers will utilise the access that it provides to assist Amazon/Lab126 in improving their security posture.
Thank you to NiLuJe, yparitcher and darkassassinua for adding KOReader support for PW5, repackaging all of the hacks and testing this jailbreak AKA CVE-2022-23224, CVE-2022-23225, CVE-2022-23226 - full writeup with technical details to be released after 5.14.3 has been widely rolled out.