A well-known security researcher with a history of finding bugs in Apple products has disclosed the most literal go bug exploits: filling the virtual workspace of Apple Vision Pro users with hundreds of lifelike spiders. The exploit, which could be executed remotely and required no user permission, was fixed by a recent Apple security update.
Apple described the vulnerability as being a logic issue with WebKit which could lead to the processing of web content that “may lead to a denial-of-service.” In reality, CVE-2024-27812 was much, much worse if the thought of spiders overrunning your workplace scares you.
All You Need To Know About The World’s First Spatial Computing Attack
Ryan Pickren, perhaps best known for finding a series of zero-day vulnerabilities in Safari that led to a remote takeover of iPhone and Mac cameras, described this latest discovery as the world’s first spatial computing hack.
With the vulnerability now fixed by Apple and bounty negotiations complete, Pickren has published a detailed account of the spider-creating vulnerability revealing just how easily it could be exploited.
The vulnerability itself sat within Safari for visionOS, the operating system used by Apple’s Vision Pro virtual reality headset. Exploiting it meant that a malicious website could bypass user permission warnings and fill a room with an arbitrary amount of fully animated 3D objects. Pickren chose spiders, along with bats, to demonstrate the scary hack. Scary for anyone with a fear of spiders or bats, but also because this remote hack meant that the animated objects persisted in that virtual space even after the user exited Safari.
You can watch videos of the spider invasion in full swing, along with bats taking over an office space, on Pickren’s website.
Instant Spiders Enabled By Old WebKit Technology
The hack itself is relatively simple in that it exploited a vulnerability that made a mockery of the privacy safeguarding around shared personal spaces using Vision Pro. “If an app wants a more immersive experience, they must receive explicit permission from the user via an OS-level prompt that places them in a trusted “Full Space” context,” Pickren explained. Apple also rolled out an experimental feature to enable support for WebXR in the visionOS WebKit that came with a rebuilt full-space permission model in a web context to ensure that user permission, by way of a Safari popup, had to be manually granted before any 3D objects could be created in this space. This is what you’d expect from a privacy perspective as it’s Apple we are talking about, after all.
However, Pickren said that a 2018 web-based 3D model viewing standard, Apple AR Kit Quick Look, appeared to have been overlooked by Apple. Worryingly, the features enabled by this standard worked out of the box and so required no experimental feature enablement. Because Safari didn’t require a permission model for this standard, nor did a link have to be clicked by a user, it could be exploited remotely without user interaction. “If the victim just views our website in Vision Pro,” Pickren explained, “we can instantly fill their room with hundreds of crawling spiders and screeching bats! Freaky stuff.”
For me, the most frightening thing about this hack was that closing Safari didn’t stop the virtual spider infestation and the only way of getting rid of them was “manually running around the room to physically tap each one.”