company logo

Product

Our Product

We are Reshaping the way Developers find and fix vulnerabilities before they get exploited.

Solutions

By Industry

BFSI

Healthcare

Education

IT & Telecom

Government

By Role

CISO

Application Security Engineer

DevsecOps Engineer

IT Manager

Resources

Resource Library

Get actionable insight straight from our threat Intel lab to keep you informed about the ever-changing Threat landscape.

Subscribe to Our Weekly Threat Digest

Company

Contact Us

Have queries, feedback or prospects? Get in touch and we shall be with you shortly.

loading..
loading..
loading..
Loading...

Apple

iOS 15

Zero-Day

loading..
loading..
loading..

Apple yet again failed to patch iOS Zero-Day Vulnerability reported earlier this year, dumped

Multiple iOS Zero-Day Vulnerabilities were reported many times by security researchers under Apple's bug bounty program, arguably failed to get fixed and...

24-Sep-2021
3 min read

Apple reportedly failed to address three iOS zero-day vulnerabilities that were detected & reported earlier this year. According to the Security Researcher who goes by the moniker, Illusion of Chaos, first claimed to have been notified about these vulnerabilities recently published the key findings of these vulnerabilities on a Russian blogging platform Habr following the release of proof-of-concept code for each vulnerability on GitHub.

Gamed daemon is vulnerable to grant access to user data such as AppleID mail, names, auth token, & grant file system access. PoC.

The nehelper daemon vulnerability can be leveraged within an app to learn what other apps are installed on a device. PoC.

Additionally, another vulnerability found in the nehelper daemon can also be helpful within an app to access a device’s WiFi information.

It was even claimed that iOS 15 could also be highly exploitable if these vulnerabilities aren't patched, according to the security researcher. Moreover, there was a fourth vulnerability that was also reported and also published the proof-of-concept code for a fourth issue, affecting the iOS Analytics daemon as a part of the fourth bugs initially reported by him; however, Apple only managed to patch it in iOS 14.7 in July.

While there was no official response from a spokesperson of Apple however it was arguably believed that Apple might not have prioritized the three issues as they could not lead to “code execution.”

*** I want to share my frustrating experience participating in the Apple Security Bounty program. I’ve reported four 0-day vulnerabilities this year between March 10 and May 4; as of now, three of them are still present in the latest iOS version (15.0), and one was fixed in 14.7, but Apple decided to cover it up and not list it on the security content page . When I confronted them, they apologized, assured me it happened due to a processing issue and promised to list it on the security content page of the next update. There were three releases since then, and they broke their promise each time *** - Illusion of Chaos on Habr

Sharing the vulnerability reporting experience with Apple, the security researcher has also brought similar instances into the picture that transpired some of his other peers, which also comes from the bug bounty program organized by Apple, that goes without saying that to have bug bounties reduced & payments delayed for the threat intel inputs. Yet, this isn't something new to Apple as the company has been experiencing several accusations for similar issues from many disheartened security researchers whose ire were also taken into the context of an article published by Washington Post reflecting how the security team of Apple was overlooking the received bug reports unsolved for months, shipping incomplete fixes, low-balling monetary rewards, or even disqualifying the security researchers from their bug bounty program in case of any plausible complaints.