As the annual Pwn2Own conference continues today, Safari remains a common target among security researchers. Following the exploits we reported on earlier today, day two of the conference brought more news for Apple…
Sylvania HomeKit Light Strip
First, according to results posted to the Trend Micro’s Zero Day Initiative website this evening, Georgi Geshev, Alex Plaskett, and Fabi Beterke of MWR Labs used two vulnerabilities to exploit Safari and ultimately escape the sandbox. This means the exploit theoretically would be able to access permissions beyond Safari.
The MWR Labs team ultimately earned $55,000 and 5 Master of Pwn points.
MWR Labs – Alex Plaskett , Georgi Geshev , Fabi Beterke, targeting Apple Safari with a sandbox escape
Success: The team used two vulnerabilities to exploit Safari and escape the sandbox. They earned themselves $55,000 and 5 Master of Pwn points.
In a separate session, Nick Burnett, Markus Gaasedelen, and Patrick Biernat of Ret2 Systems targeted Safari with a macOS kernel elevation of privilege vulnerabilities. The team was ultimately unable to complete their exploit during their allotted time, though they did get it working after the fact.
Markus Gaasedelen, Nick Burnett, Patrick Biernat of Ret2 Systems, Inc. targeting Apple Safari with a macOS kernel EoP
Failure: The contestant could not get his exploit working within the time allotted.
The most important aspect of the Pwn2Own conference, which began is 2007, is that developers like Apple are notified of the exploits and have ample opportunity to patch what could otherwise be critical software flaws.