Security News > 2021 > September > Frustrated dev drops three zero-day vulns affecting Apple iOS 15 after six-month wait
Upset with Apple's handling of its Security Bounty program, a bug researcher has released proof-of-concept exploit code for three zero-day vulnerabilities in Apple's newly released iOS 15 mobile operating system.
"I've reported four 0-day vulnerabilities this year between March 10 and May 4, as of now three of them are still present in the latest iOS version and one was fixed in 14.7, but Apple decided to cover it up and not list it on the security content page," the researcher wrote.
Apple on Thursday issued a patch for macOS Catalina to address a different zero-day, having gone through a similar exercise ten days earlier to address a zero-click iMessage bug used to target human rights activists and other flaws.
Kosta Eleftheriou, the developer behind the Apple Watch keyboard app FlickType, said via Twitter that he tested the Gamed 0-day on iOS 14.8 and iOS 15 and confirmed that it works as advertised.
"To me, the bigger takeaway is that Apple is shipping iOS with known bugs," Wardle said, noting that "IllusionOfChaos" claims to have reported the bugs months ago.
The Register asked Apple to comment, but the brick wall did not respond.
News URL
https://go.theregister.com/feed/www.theregister.com/2021/09/24/apple_zeroday/
Related news
- Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update (source)
- Apple fixes this year’s first actively exploited zero-day bug (source)
- Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More (source)
- Apple plugs security hole in its iThings that's already been exploited in iOS (source)
- Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085) (source)
- Apple fixes zero-day exploited in 'extremely sophisticated' attacks (source)
- Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) (source)