During the annual hacking contest in China, a group of researchers discovered several exploits in Safari and iOS 14.
During the Tianfu Cup hacking contest in China, a group of hackers reportedly discovered and exploited vulnerabilities in Safari and iOS 14 .
The competition asked the various competing teams to successfully demonstrate various exploits. For the 2020 competition, Apple-specific goals were Safari running on a 13-inch MacBook Pro and Safari on iPhone 11 Pro running iOS 14 .
Each device had a list of requirements to be met in order to qualify for prizes awarded by the Tianfu Cup organizers. For Safari, the goal was to explore a remote URL and enable a sandboxed browser or Mac control. For iPhone and iOS 14, the requirements were similar to those of Safari, but with the addition of the need to “bypass PAC mitigation”.
According to the published results , a team managed to successfully demonstrate various Safari exploits on Mac and iPhone, winning a prize of $ 420,000 .
Of course, the details of the exploits have not been released, but they have been provided to Apple for patching under a responsible disclosure policy. Once the vulnerability has been corrected or a set period of time has elapsed, the details of the vulnerabilities are usually shared by the researchers who discovered them.
Recent Comments