Researcher at Apple has discovered 55 vulnerabilities in Apple’s web domain (Haworth, 2020). Research spent three months at Apple to discover the vulnerabilities and during the research they have found 11 critical bugs, 29 high severity, 13 medium, and 2 low severities bugs. The most critical bug that was found was able to executed remotely. It was also capable of storing a cross-site scripting that would have compromised customer’s iCloud accounts. Researcher were able to also access Apple’s internal projects sources codes. Accordingly to the article, most of the majority bugs has been fixed by the Apple (Haworth, 2020). The research were able to compromise the Apple Distinguished Educator (ADE) program using the bug that was able to executed remotely. The ADE program assigned an default password which then was used to perform an brutal force attack on other accounts and research were able to get access to an admin account. Which allowed them an access to the Apple’s network.
References:
Haworth, J. 2020. Researchers discover scores of security bugs in Apple’s stem and core. Retrieved from: https://portswigger.net/daily-swig/researchers-discover-scores-of-security-bugs-in-apples-stem-and-core
Leave a Reply
You must be logged in to post a comment.