iOS 15.0 Nehelper Wifi Info Entitlement Check Bypass

Posted by deepcore on September 28, 2021 – 1:21 am

Zero day exploit for Nehelper Wifi Info on iOS 15.0. XPC endpoint com.apple.nehelper accepts user-supplied parameter sdk-version, and if its value is less than or equal to 524288, the com.apple.developer.networking.wifi-info entitlement check is skipped. This makes it possible for any qualifying application (e.g. possessing location access authorization) to gain access to Wifi information without the required entitlement. This happens in -[NEHelperWiFiInfoManager checkIfEntitled:] in /usr/libexec/nehelper.

Tags: Apple, ios, osx
This post is under “Apple” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« [remote] Apache James Server 2.3.2 – Remote Command Execution (RCE) (Authenticated) (2) iOS 15.0 nehelper Enumeration »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

iOS 15.0 Nehelper Wifi Info Entitlement Check Bypass

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL