Security Researchers Awarded over $250,000 for Reporting 55 Vulnerabilities in Apple’s Bug Bounty Program – HOTforSecurity


A complete three-month evaluation of Apple’s on-line providers has netted a workforce of safety researchers a $288,500 reward after reporting essential vulnerabilities as a part of its bug bounty program.

In whole, the researchers disclosed 55 vulnerabilities, together with 11 flagged essential, 29 excessive and 13 medium in severity.

If exploited, these vulnerabilities “would’ve allowed an attacker to completely compromise each buyer and worker functions, launch a worm able to mechanically taking on a sufferer’s iCloud account,” the researchers stated.

Some flaws may even give dangerous actors the means to take over staff’ classes, permitting entry to administration instruments or delicate assets.

As their report suggests, the iPhone producer was extremely responsive, fixing some essential bugs in simply a few hours.

“General, Apple was very aware of our reviews. The turnaround for our extra essential reviews was solely 4 hours between time of submission and time of remediation,” the researchers added.

The essential bugs flagged by safety researchers embody:

• Distant Code Execution through Authorization and Authentication Bypass
• Authentication Bypass through Misconfigured Permissions permits International Administrator Entry
• Command Injection through Unsanitized Filename Argument
• Distant Code Execution through Leaked Secret and Uncovered Administrator Instrument
• Reminiscence Leak results in Worker and consumer account Compromise permitting entry to numerous inside functions
• Vertica SQL Injection through Unsanitized Enter Parameter
• Wormable Saved XSS permits Attacker to Absolutely Compromise Sufferer iCloud Account
• Wormable Saved XSS permits Attacker to Absolutely Compromise Sufferer iCloud Account
• Full Response SSRF permits Attacker to Learn Inner Supply Code and Entry Protected Assets
• Blind XSS permits Attacker to Entry Inner Help Portal for Buyer and Worker Subject Monitoring
• Server Aspect PhantomJS Execution permits an attacker to Entry Inner Assets and Retrieve AWS IAM Keys

One of many essential bugs was discovered within the Apple Distinguished Educators web site (“”). The flaw may have letattackers entry the administrator console and execute arbitrary code by byspassing authentication utilizing a hidden default password.

A separate essential flaw may enable dangerous actors to steal iCloud knowledge equivalent to images, calendar data and paperwork by means of a modified electronic mail tackle.

“There’s a mail app on each iOS and Mac which is put in by default on the merchandise,” the report reads.

“The mail service is hosted on ’‘ alongside all the different providers like file and doc storage. This meant, from an attacker’s perspective, that any cross-site scripting vulnerability would enable an attacker to retrieve no matter data they wished to from the iCloud service. We started to search for any cross-site scripting points at this level.”

apple bug bounty payouts,apple bug bounty reddit,ios bug bounty write-ups,apple vulnerability 2020,google security bounty,apple bug bounty indian,bug bounty program india,iphone security issues,bug bounty reports,apple security problems,apple store security,apple security notification,google bug bounty out of scope,apple iphone security breach

You May Also Like