Researchers complain that "Apple ignores reports" ~ 3 zero-day vulnerabilities in iOS 15

Despite reporting to Apple that a zero-day vulnerability exists in iOS, Apple ignored it, and security researchers have complained on their blog that the vulnerability remains unfixed in iOS 15.

4 reports, 3 remain uncorrected

According to security researcher illusion of chaos, he participated in Apple’s Security Bounty Program, discovering four zero-day vulnerabilities between March 10 and May 4, 2021 and reporting them to Apple.

One of them was fixed in iOS 14.7, but the other three remain unfixed in the latest iOS 15, illusion of chaos said.

What’s more, the fact that he discovered and fixed it wasn’t posted on Apple’s iOS 14.7 security content page, so illusion of chaos complained about it. Apple apologized and promised to post it in the next update, but it hasn’t been posted at this time.

No response from Apple, open to the public

Illusionofchaos contacted Apple again about one unlisted case and three zero-day vulnerabilities left unattended. However, in the end, there was no response from Apple, and he judged that “sufficient days (about half a year) have passed since the vulnerability was reported” (Google Project Zero released it 90 days after receiving the vulnerability report). On September 23, local time, he published a series of vulnerabilities and interactions with Apple on his blog.

“I’m not the only one disappointed with Apple’s security bounty program,” said illusionofchaos. I am explaining.

Since it is a specialized content, I will not go into the details of the vulnerability here, but only give an overview.

Gamed 0-day: A vulnerability that allows apps installed from the App Store to access information such as Apple ID emails without the user’s permission.
Nehelper Enumerate Installed Apps 0-day: A vulnerability that allows an installed app to determine if another app associated with an arbitrary ID is installed on the device.
Nehelper Wifi Info 0-day: A vulnerability that allows apps that meet the conditions to access Wi-Fi information without permission.

Source: illusion of chaos / Habr via 9to5Mac, About the security content of iOS 14.7 and iPadOS 14.7
(lunatic)

Source: iPhone Mania

Researchers complain that “Apple ignores reports” ~ 3 zero-day vulnerabilities in iOS 15

4 reports, 3 remain uncorrected

No response from Apple, open to the public

OnePlus 11 5G Unboxing & Review ! Different OnePlus

How to install ios 13 beta

Mate 60 actualiza a HarmonyOS 4.0.0.162 y ejecuta GMS, Intel perdera licencia a finales de 2024

Apple plans to remove FineWoven cover 8 months after launch

iOS 16 just LEAKED the iPhone 14 Pro!

RESET Windows 10/11 Forgotten Password (Without losing Data) 3 Methods of 2024

The “New” File System in Windows: ReFS

I wore Apple Vision Pro for 48 Hours! (bad idea)

UPDATED!! Version 4.6 to 4.8 Banners Roadmap Including RERUNS – Genshin Impact

Windows 11 vs Mac Os vs Linux in 2024

iPad Pro 2024 – Apple POR FIN lo Hace!!

Spatial Computing on the Quest 3: Do You Really Need a Vision Pro?

FINALLY HERE! How To Jailbreak iOS 11.4.1 With The NEW Pangu11.mobi untethered iOS 11 Jailbreak!

iPhone 14 Very Bad News | Serious Problem

OnePlus 11 5G Unboxing & Review ! Different OnePlus

How to install ios 13 beta

Mate 60 actualiza a HarmonyOS 4.0.0.162 y ejecuta GMS, Intel perdera licencia a finales de 2024

Apple plans to remove FineWoven cover 8 months after launch

Retroarch: Playstation 1 SwanStation Setup Guide #retroarch #playstation1 #emulator

Apple Vision Pro is heavily discounted on US second-hand trading platforms

New Method iCloud Unlock IPhone 4,4S,5,5S,5C,6,6S,Plus,7,8,X No JailBreak 2024

Friday Night Funkin’: VS Pibby Bugs Bunny FULL WEEK + Cutscenes [FNF Mod/HARD] Pibby Corrupt Mod

Apple CarPlay Android Auto for Infiniti G37 2007-2013 OEM Integration Screen Upgrade

iOS 17.4 Review after 3 days | Should you update to iOS 17.4?

I Saved 333 Pulls F2P for Xiao | Genshin Impact

Movement Player Unlocks Octane’s New Heirloom…