IOS 15 gets cracked twice during Chinese hacking competition

Spread the love

During the annual Chinese TianFu Cup, two research teams managed to exploit a vulnerability in iOS 15. Team PangU performed a remote jailbreak attack while Kunlun Lab performed a remote code execution via Safari in 15 seconds.

On the first day of the annual TianFu Cup hacking competition, the team PangU managed to jailbreak an iPhone 13 Pro remotely. Which delivered the team reportedly worth $300,000. On the second day, China’s Kunlun Lab was able to perform remote code execution in fifteen seconds via the Safari web browser.

The iPhone devices were running iOS 15.0.2 according to Forbes, and according to patentlyapple, Kunlun Lab took advantage of some vulnerabilities in the iOS 15 kernel and the A15 chipset, allowing it to access photos and apps, as well as access data. erase the device.

Kunlun Lab also managed to exploit vulnerabilities in Google Chrome and Adobe PDF Reader that could allow kernel access, though it’s unclear which versions of the apps are affected and which operating systems they ran on. The team also identified vulnerabilities in VMWare and Windows 10, which allowed local privilege escalation. This allows an attacker to modify permissions in the system. Details about the vulnerabilities have not been disclosed. It is not clear when the manufacturers will close the discovered vulnerabilities.

You might also like
Exit mobile version