According to the details provided in the official press release, this flaw can also tamper with the text of the TouchBar on the MacBook Pro. With this BUG chain, Groß successfully won $65,000 and achieved the coveted “Master of Pwn” title with 6 points.
At the Mobile Pwn2Own conference held in November last year, Richard Zhu, who had used two Safari BUGs to bypass the iPhone 7 security protocol, attempted to use Safari vulnerabilities to launch attacks at this conference. Unfortunately, at this year’s Pwn2Own conference, Zhu was unable to escape from the sandbox within the prescribed 30 minutes.
Confirmed! @5aelo used a JIT optimization bug in the browser, a macOS logic bug, & a kernel overwrite to execute code to successfully exploit Apple Safari. This chain earned him $65K & 6 points Master of Pwn points. pic.twitter.com/iLfNFnXzzs
— Zero Day Initiative (@thezdi) March 15, 2018
However, Zhu successfully exploited the Windows kernel EoP to crack Microsoft Edge, using two UAF vulnerabilities and an integer vulnerability. Niks Baumstark, Groen’s phoenhex teammate, successfully launched an attack on Oracle VirtualBox.