Apple pays ethical hackers $288k for finding 55 vulnerabilities

If exploited the bugs would have provided access to Apple's infrastructure and sensitive user data

Apple has paid a group of ethical hackers $288,500 (£222,813) for finding and disclosing critical vulnerabilities in its network, some of which could have provided access to company infrastructure and iCloud data.

Since 6 July of this year, Sam Curry, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes have worked together as a part of Apple’s bug bounty programme. The team managed to discover a total of 55 vulnerabilities, 11 of which were of critical severity, 29 of high severity, 13 of medium severity, and two of low severity.

The 11 most critical bugs made it possible for the group to access Apple’s infrastructure and use it to potentially steal confidential information such as private emails and iCloud data.

Sam Curry said that the team “found a variety of vulnerabilities in core portions of [Apple’s] infrastructure that would've allowed an attacker to fully compromise both customer and employee applications, launch a worm capable of automatically taking over a victim's iCloud account" and "fully compromise an industrial control warehouse software used by Apple", as detailed in a blog covering three months of research.

He added that exploits may have also allowed hackers to "take over the sessions of Apple employees with the capability of accessing management tools and sensitive resources".

The 11 vulnerabilities found to be critical were as follows:

  • Remote Code Execution via Authorization and Authentication Bypass
  • Authentication Bypass via Misconfigured Permissions allows Global Administrator Access
  • Command Injection via Unsanitized Filename Argument
  • Remote Code Execution via Leaked Secret and Exposed Administrator Tool
  • Memory Leak leads to Employee and User Account Compromise allowing access to various internal applications
  • Vertica SQL Injection via Unsanitized Input Parameter
  • Wormable Stored XSS allows Attacker to Fully Compromise Victim iCloud Account
  • Wormable Stored XSS allows Attacker to Fully Compromise Victim iCloud Account
  • Full Response SSRF allows Attacker to Read Internal Source Code and Access Protected Resources
  • Blind XSS allows Attacker to Access Internal Support Portal for Customer and Employee Issue Tracking
  • Server-Side PhantomJS Execution allows attacker to Access Internal Resources and Retrieve AWS IAM Keys

According to Curry, the “vast majority” of the 55 vulnerabilities have already been fixed.

“They were typically remediated within 1-2 business days (with some being fixed in as little as 4-6 hours),” he added.

Apple has so far paid the team a total of $288,500 for discovering the vulnerabilities, yet they could be awarded another quarter of a million dollars when the tech giant processes the entirety of their report.

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

BillQuick billing software exploit lets hackers deploy ransomware
Security

BillQuick billing software exploit lets hackers deploy ransomware

26 Oct 2021
Ransomware hit industrial sector the hardest in the third quarter
ransomware

Ransomware hit industrial sector the hardest in the third quarter

25 Oct 2021
Tesco services knocked offline after suspected cyber attack
hacking

Tesco services knocked offline after suspected cyber attack

25 Oct 2021
Microsoft touts new cyber security help for nonprofits
cyber security

Microsoft touts new cyber security help for nonprofits

22 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Royal Mint to recover gold from smartphones and laptops in world first
Technology

Royal Mint to recover gold from smartphones and laptops in world first

21 Oct 2021