Researcher Hijacks iOS, macOS Camera with Three Safari Zero-Days
Ryan Pickren, a security researcher, has been awarded $75,000 by Apple for uncovering seven zero-days in Safari, three of which Pickren used to access the camera. The discoveries were shared with Apple in December of 2019 and were subsequently patched. Using the three flaws, Pickren was able to build an attack chain and access the camera and microphone on iOS and macOS devices.
All zero-days were effectively patched as of the latest Safari update, 13.1, which was released on March 24. Pickren had years of experience hunting for Safari bugs and was therefore able to uncover weird behavior, after hammering the browser with obscure “corner cases,” that he combined into a kill chain. He found the zero-days that allowed him to access iOS device cameras and microphones before Apple launched its public bug bounty program in December of 2019.