Researcher says Apple has ignored three zero-day security vulnerabilities that are still present in iOS 15

In 2019, Apple opened its Security Bounty program to the public, offering payouts of up to $ 1 million to researchers who share critical security vulnerabilities in iOS, iPadOS, macOS, tvOS, or watchOS, including techniques for their exploitation. The program is designed to help Apple keep its software platforms as secure as possible.

Since then, reports have emerged indicating that some security researchers are dissatisfied with the program, and now a security researcher using the pseudonym “illusionofchaos” has shared their similar “frustrating experience”.

In a blog post featured by Costa Eleftheriou, an unnamed security researcher said they reported four zero-day vulnerabilities to Apple between March and May this year, but said three vulnerabilities were still present in iOS 15 and one had been fixed in iOS 14.7, without Apple giving them any credit.

I want to share my frustrating experience by participating in the Apple Security Bounty program. This year, I reported four 0-day vulnerabilities between March 10 and May 4, three of which are still present in the latest version of iOS (15.0), and one was fixed in 14.7, but Apple chose to cover it up and not they list it on the security content page. When I confronted them, they apologized, assured me that it happened due to processing issues, and promised to list it on the security content page of the next update. Since then, three editions have been published and each time they have broken their promise.

The person said that last week they warned Apple that they would publish their research if they did not receive an answer. However, they said that Apple ignored the request, which led them to publicly reveal the vulnerabilities.

One of the zero-day vulnerabilities relates to Game Center and reportedly allows any app installed from the App Store to access some user data:

– Apple ID email address and full name associated with it

– Apple ID authentication token that allows access to at least one of the endpoints on * on behalf of the user

– Full access to the file system for reading the Core Duet database (contains a list of contacts from mail, SMS, iMessage, third-party messaging applications and metadata about all user interactions with those contacts (including timestamps and statistics), as and some attachments (like URLs and texts)

– Full access to the file system for reading the speed dial database and address book database, including contact images and other metadata such as creation and modification dates (I just checked on iOS 15, and this one is unavailable, so one had to be quietly fixed recently))

The other two zero-day vulnerabilities that are apparently still present in iOS 15, as well as one patched in iOS 14.7, are also described in detail in a blog post.

Apple has not yet commented on the blog post. We will update this story if the company responds.

Source link

Naveen Kumar

Friendly communicator. Music maven. Explorer. Pop culture trailblazer. Social media practitioner.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button