APPLE PAYS $288,000 TO WHITE-HAT HACKERS WHO FOUND 11 CRITICAL BUGS


Months ago, Apple’s corporate infrastructure was at risk of hacks that could have stolen sensitive data from potentially millions of its customers and executed malicious code on customers’ phones and systems, a security researcher said.

Sam Curry, a 20-year-old researcher who specializes in website security, and his team found 55 vulnerabilities in Apple’s corporate systems while working together as part of Apple’s bug bounty program. The flaws gave them access to take control of core Apple infrastructure. He rated 11 of the vulnerabilities critical, 29 high severity, 13 medium severity and 2 low severity.

The 11 vulnerabilities could have been used to steal private emails, iCloud data, and other private information.

THE 11 CRITICAL BUGS IN APPLE’S CORPORATE SYSTEMS WERE:

Remote Code Execution via Authorization and Authentication Bypass.

Authentication Bypass via Misconfigured Permissions allows Global Administrator Access.

Command Injection via Unsanitized Filename Argument.

Remote Code Execution via Leaked Secret and Exposed Administrator Tool.

Memory Leak leads to Employee and User Account Compromise allowing access to various internal applications.

Vertica SQL Injection via Unsanitized Input Parameter.

Wormable Stored XSS allows Attacker to Fully Compromise Victim iCloud Account.

Wormable Stored XSS allows Attacker to Fully Compromise Victim iCloud Account.

Full Response SSRF allows Attackers to Read Internal Source Code and Access Protected Resources.

Blind XSS allows Attackers to Access the Internal Support Portal for Customer and Employee Issue Tracking.

Server-Side PhantomJS Execution allows Attackers to Access Internal Resources and Retrieve AWS IAM Keys.

According to Sam Curry, the “vast majority” of the 55 vulnerabilities have already been fixed.

“They were typically remediated within 1-2 business days (with some being fixed in as little as 4-6 hours),” he said.

Apple has said it will pay $288,500 for the discovery of the vulnerabilities, and Sam and his team expect that the total could exceed $500,000 once all the bugs and reports have been digested by Apple.
