Security researcher: Apple has been ignoring 3 serious zero days in iOS 15 for months
Apple is ignoring three reported zero-day vulnerabilities in iOS 15, according to a disgruntled security researcher. One zero-day was fixed with iOS 14.7, without rewarding him for it. To express his dismay, he is now sharing details of the remaining vulnerabilities.
The security researcher, who calls himself “illusionofchaos,” claims to have discovered four significant vulnerabilities in Apple’s operating system between early March and early May, he explains in a blog post. Only one of the vulnerabilities is said to have been fixed, although Apple did not disclose anything about the incident, according to the researcher. He also received no reward through Apple’s controversial Security Bounty program. After several unanswered requests for explanations, illusionofchaos decided to reveal the three as yet unclosed leaks. So far, Apple has not responded substantively to the allegations made by the researcher.
According to illusionofchaos, it would still be possible to access sensitive user data via the Game Center app in iOS 15. The zeroday in question would allow apps installed through the App Store to access the Core Duet database. It contains, among other things, contacts, text messages, messages and telephone numbers. The Apple ID email address and full name of the user could also be stolen in this way. Developer Kosta Eleftheriou confirmed that an exploit is indeed possible in this way. He previously made headlines after he sued Apple for abuse of power.
Illusionofchaos also mentions two slightly less serious zero-days in his blog post that Apple would not have dealt with until now. The Nehelper Enumerate Installed Apps Zeroday gives all user-installed apps the ability to purposefully check whether a specific app is installed on an iPhone. The Nehelper Wifi Info vulnerability allows user-installed applications with access to the location data to access current information about the WiFi connection.
The only vulnerability found by the researcher that has so far been fixed is the Analyticsd zeroday, which allowed user-installed apps to access highly sensitive information. Medical data, gender, age and other sex-related data became accessible as a result. Illusionofchaos claims that Apple collects this user data for unknown reasons, which would clash with its emphatic focus on privacy.