A team of security researchers including Sam Curry, Brett Buerhaus, Ben Sadeghipour, Samuel Erb, and Tanner Barnes, who worked together and hacked on the Apple bug bounty program between the period of July 6th to October 6th, have now shared their findings in a blog post.
“The first step in hacking Apple was figuring out what to actually target. Both Ben and Tanner were the experts here, so they began figuring out what all Apple owned that was accessible to us. All of the results from their scanning were indexed in a dashboard that included the HTTP status code, headers, response body, and screenshot of the accessible web servers under the various domains owned by Apple that we’d refer to over the engagement.”
The researchers found a variety of vulnerabilities in core portions of Apple’s infrastructure. A total of 55 vulnerabilities were discovered with 11 critical severity, 29 high severity, 13 medium severity, and 2 low severity reports.
As of October 6th, 2020, the vast majority of their findings have been fixed and credited. They were typically remediated within 1-2 business days, with some being fixed in as little as 4-6 hours.
As of October 4th, the team has received four bounty payments totalling over $50,000 for some of the vulnerabilities and expects to receive more payment for even more critical flaws.