Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Critical iOS Activation Infrastructure Vulnerability: Unauthenticated Provisioning Injection at Apple’s SIM Activation Endpoint

published on 2025-06-02 23:16:00 UTC by /u/Bright-Dependent2648
Content:

I’ve published a report detailing a critical, unpatched vulnerability in Apple’s iOS activation infrastructure.

It affects all iPhones during initial setup — even after a factory reset, with no jailbreak, no Apple ID, and no MDM.

Key Findings:

  • The Apple endpoint https://humb.apple.com/humbug/baa accepts unauthenticated XML provisioning payloads
  • The server responds with HTTP 200 OK and applies persistent, device-level configuration changes
  • Exploit triggers during activation, before the user reaches the home screen
  • Alters:
    • Modem policy settings
    • Carrier protocol enforcement
    • CloudKit account behavior and caching
  • Changes persist across reboots and can’t be reverted through Settings

Impact:

  • Bypasses traditional mobile device management and security controls
  • Opens the door to silent pre-provisioning by third parties
  • Allows long-term, pre-user compromise of trust infrastructure
  • Mirrors unknown behaviors observed in certain iOS surveillance incidents

This was submitted to US-CERT (VRF#25-05-RCKYK), Apple, and CNVD. No remediation to date.
I’m sharing this to inform the security community and to preserve the discovery.

submitted by /u/Bright-Dependent2648
[link] [comments]
Article: Critical iOS Activation Infrastructure Vulnerability: Unauthenticated Provisioning Injection at Apple’s SIM Activation Endpoint - published 4 months ago.

https://www.reddit.com/r/netsec/comments/1l1ws8h/critical_ios_activation_infrastructure/   
Published: 2025 06 02 23:16:00
Received: 2025 06 02 23:20:44
Feed: /r/netsec - Information Security News and Discussion
Source: /r/netsec - Information Security News and Discussion
Category: Cyber Security
Topic: Cyber Security
Views: 23

Custom HTML Block

Click to Open Code Editor