Technical
Advisory

Through sharp, technical and insightful analysis, the Payatu Team is constantly on the lookout for vulnerabilities and threats. This section exhibits a few of our findings.

...
...

Vulnerability

Safari video permission spoof

Vulnerability Description

Using this vulnerability an attacker can trick the victim to grant website permissions to a website they didn’t intend to

CVE-ID

CVE-2020-9781

Vendor

Apple

Product

iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation

Disclosure Timeline

  1. 5 August 2019 reported to the vendor
  2. 25 March 2020 coordinated public release of advisory

Credits

Nikhil Mittal