An iOS app allows you to change the system font without Jailbreak. Works on iOS 16

Unlike taking your device through the whole Jailbreak process, the method shown in an iOS app created for demonstration purposes is completely risk-free, according to the Chinese developer.

By name, Zhuowei Zhang, the author of the app that also works on iOS 16 admits that the functionality is achieved by exploiting a known but as yet unpatched vulnerability in the iOS system. Labeled CVE-2022-46689, the exploit allows the system font to be overwritten with a “custom” version, bypassing security mechanisms Apple has created to prevent unauthorized modification of protected files.

Because Apple uses a proprietary format for iOS fonts, developer Zhang had to limit the customization options to just a few optional fonts already found on iOS devices. According to him, the changes disappear when the device is restarted, making the experimentally created app perfectly safe to use. However, for understandable reasons Zhang can’t list his creation in the AppStore catalogue.

Although the purpose of the app is basically harmless, the vulnerability exposed up to OS version 16.1.2 can just as easily be accessed to inject malicious code and get it running with system privileges normally reserved only for the operating system kernel.

Promptly addressed by Apple, vulnerability CVE-2022-46689 has been closed as of iOS version 16.2.