Security researcher Denis Tokarev shared an articles disclosing several zero-day exploits.

Issues are expected to be fixed following the public exposure.

Blog post: Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program

References: Security researcher accuses Apple of ignoring multiple iOS 15 zero-day vulnerabilities, Researcher Says Apple Ignored Three Zero-Day Security Vulnerabilities Still Present in iOS 15

Recommendations

Developer:

Study Bug Bounty program rules. Consider escalating unresolved issues.

QA engineer:

Study Bug Bounty program rules. Consider escalating unresolved issues.

PM/DM:

Business as usual.

Join the Conversation

2 Comments

Leave a comment

Leave a Reply