Apple Fixes Bug That Could Have Given Hackers Full Access to User Accounts

By Ars Technica

June 3, 2020

Apple has fixed a bug in its Sign in with Apple tool, which allows users to log in to third-party apps without revealing their email addresses, that could have enabled attackers to gain access to those accounts.

App developer Bhavuk Jain reported the zero-day vulnerability in the privacy-enhancing tool to Apple as part of the company's bug bounty program, and received a $100,000 reward.

Sign in with Apple logs in users with either a JSON Web Token (JWT) or a code generated by an Apple server, which is then used to generate a JWT.

Users can share the Apple email ID with a third party or keep it hidden, and in the latter instance, Apple creates a JWT that contains a user-specific relay ID.

Jain found that an attacker could forge a JWT by linking any email ID to it, which would provide access to the victim's account.

From Ars Technica

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
