Modify Trusted Execution Environment
If an adversary can escalate privileges, he or she may be able to use those privileges to place malicious code in the device's Trusted Execution Environment (TEE) or other similar isolated execution environment where the code can evade detection, may persist after device resets, and may not be removable by the device user. Running code within the TEE may provide an adversary with the ability to monitor or tamper with overall device behavior.
Devices may perform cryptographic integrity checks of code running within the TEE at boot time.
iOS devices will fail to boot if the software running within the Secure Enclave does not pass signature verification.