Security researcher Denis Tokarev shared an articles disclosing several zero-day exploits.
Issues are expected to be fixed following the public exposure.
Blog post: Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program
References: Security researcher accuses Apple of ignoring multiple iOS 15 zero-day vulnerabilities, Researcher Says Apple Ignored Three Zero-Day Security Vulnerabilities Still Present in iOS 15
Recommendations
Developer:
Study Bug Bounty program rules. Consider escalating unresolved issues.QA engineer:
Study Bug Bounty program rules. Consider escalating unresolved issues.PM/DM:
Business as usual.
Leave a comment