Researcher highlights three security flaws in Apple’s iOS15; See what data can be leaked
Apple has just released their iOS 15 and they are extremely confident that their OS is completely free of any security vulnerabilities. To back it up, Apple has recently released a Security Bounty Program to the public. With this program, Apple will be willing to offer payouts with $1 million to any researcher who shares details about security threats in their iOS, iPadOS, macOS, tvOS, or watchOS. Several programmers have been sending in some information to this program and have helped the American tech giant to solve these issues.
iOS 15 security flaws
Recently, a security researcher who goes by the title”illusionofchaos” claimed that he had reported a total of zero-day vulnerabilities to Apple between March and May. The researcher claims that only one of these vulnerabilities have been fixed till now and the rest 3 can still be accessed by hackers. According to his blog post, several other researchers are not happy with the working of the Apple Security Bounty program. Here is a list of Tweets from researchers who have shared their thoughts about the Apple Security Bounty program.
#infosec #bugbounty #bughunter
Apple bug bounty porgram is like a joke.After 3 months of the fix and their thoughly “invesgate”,my 0-click heap buffer overflow gets non paid without a reliable exploit.Well done,apple.
Maybe next time I will public their vuln before it get fixed. pic.twitter.com/ngo940dimb
— 5n1p3r0010 (@5n1p3r0010) May 20, 2021
With today’s fixes, I have 17(!!) cases with Apple, where the reward wasn’t even decided in the Apple Security Bounty program. Some of these pending since the release of Big Sur 11.0.1. #apple #asb
— Csaba Fitzl (@theevilbit) July 21, 2021
Researchers who are naive enough to submit bugs to Apple bug bounty should start demanding interest on the payments. They are losing investment opportunities and good returns on that money 😂😂😂😂😂
Say no to Apple bug bounty 🖕
— fG! (@osxreverser) July 21, 2021
All Data that can be accessed using such iOS 15 security flaws
Apart from this, here is also a list of information about all the data that can be accessed using the three iOS15 vulnerabilities. All of this…