September 24, 2021 03:20 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/H_eiUiamBzw/researcher-dumps-three-ios-zero-days-after-apple-failed-to-fix-issues-for-months
Researcher Dumps Three iOS Zero-days After Apple Failed To Fix Issues for Months
A security researcher has published details about three iOS zero-day vulnerabilities, claiming that Apple has failed to patch the issues, which they first reported to the company earlier this year. From a report: Going by the pseudonym of Illusion of Chaos, the researcher has published their findings on Russian blogging platform Habr and has released proof-of-concept code for each vulnerability on GitHub. This includes: 1. A vulnerability in the Gamed daemon that can grant access to user data such as AppleID emails, names, auth token, and grant file system access. 2. A vulnerability in the nehelper daemon that can be used from within an app to learn what other apps are installed on a device. 3. An additional vulnerability in the nehelper daemon can also be used from within an app to gain access to a device's WiFi information.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/H_eiUiamBzw/researcher-dumps-three-ios-zero-days-after-apple-failed-to-fix-issues-for-months
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot