Dear colleagues,
Nosebeard Labs is pleased to share its latest advisory, detailing a 
bypass of Apple's system wide web content filter. The HTML version of 
this advisory is also available at:
https://nosebeard.co/advisories/nbl-001.html
Warmest regards,
Nosebeard Labs
## Summary
Nosebeard Labs Security Advisory NBL-001
Title: Apple web content filter bypass allows unrestricted access to 
blocked content (macOS/iOS/iPadOS/visionOS/watchOS)
Advisory ID: NBL-001
Date: 2024-11-15
Severity: Critical (CVSS 9.1)
Affected Product: Safari on any Apple device with Screen Time enabled
CVE ID: CVE-2024-44206
## Overview
Nosebeard Labs has identified a critical vulnerability in Apple’s system 
wide web content filter that allows a full bypass of content 
restrictions. This vulnerability, which occurs specifically when Screen 
Time’s content filtering settings are enabled, permits users or 
attackers to access restricted websites in Safari without detection. By 
exploiting a misalignment between Screen Time’s Access Control List 
(ACL) and WebKit’s URI validation, a specially crafted URI can 
circumvent both layers of protection.
Apple has assigned CVE-2024-44206 to this issue and issued a fix for 
macOS Sonoma 14.x, iOS/iPadOS 17.x, watchOS 10.x, visionOS 1.x, Safari 
17.x and up.
However, a fix is still pending for the backport channels.
## Description
This vulnerability arises when the WebKit Cocoa layer in Safari ingests 
a URI without performing comprehensive validation, combined with a 
failure by the Screen Time ACL filter to recognize and block the 
malformed URI. The flaw allows a crafted URI to bypass all Screen Time 
content filtering settings, including deny/allow lists and parental 
content filters, providing unrestricted access to blocked content.
## Affected Systems
This vulnerability affects all devices on macOS, iOS, iPadOS, watchOS 
and visionOS platforms with Safari and Screen Time enabled, impacting an 
estimated 250 million devices globally.
## Attack Scenarios
The vulnerability can be exploited both locally and remotely:
1. Local Exploitation: Users can manipulate the address bar to manually 
enter a crafted URI, bypassing Screen Time restrictions.
2. Network-Based Exploitation: Attackers can load restricted content 
remotely by embedding a crafted URI within an iframe, bypassing 
restrictions without requiring user interaction.
## Impact
1. Confidentiality: Unrestricted access to restricted websites 
compromises the confidentiality of content filtering controls, 
potentially exposing sensitive or inappropriate material.
2. Scope and Integrity: This vulnerability spans across two separate 
security mechanisms (Screen Time and WebKit), representing a critical 
architecture-level issue. Additionally, accessing unsecured or unlogged 
resources poses potential integrity risks.
## CVSS Score
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Score: 9.1 (Critical)
## Mitigations
Upgrade to the latest iOS/iPadOS 17.x or 18.x / macOS Sonoma 14.x  / 
visionOS 1.x / watchOS 10.x / Safari 17.6 respectively. Users who are 
unable to apply a fix can contact us for more info.
## Vendor Response
Apple has issued CVE-2024-44206 and supplied a fix within WebKit; 
however, a fix remains pending for iOS/iPadOS version 16.x. We recommend 
that Apple undertake further review to address the issue comprehensively.
## Timeline
–
Milestone:
2020-11-24 Vulnerability discovered internally at NBL
–
Milestone:
2021-03-08 Initial disclosure to Apple Product Security
–
2021-03-09 Apple Product Security recommends to open a bug report on 
Feedback Assistant
2021-03-10 We opened a bug report on Feedback Assistant as advised by 
Apple Product Security
2021-03-15 We follow-up by adding additional info to the open bug report 
on F.A.
2021-08-16 We follow-up again referring Apple Product Security to open 
ticket, stressing that the issue can be also demonstrated in their EU 
Apple Stores
2021-08-24 We follow-up again to Apple Product Security, referring to 
the previous follow-up
2021-08-25 Rejected by Apple Security - “We do not see any actual 
security implications. We recommended reporting this issue via Feedback 
Assistant”
2024-03-18 NBL submits a second report 3 years later to appeal via Apple 
Security Bounty Program, urging to re-evaluate, also providing PoC code
2024-03-19 Apple Security Research closes report - “We’re unable to 
identify a security issue in your report” - “Screen Time is not intended 
to protect a device against manipulation” - “We recommend reporting this 
via Feedback Assistant”
2024-04-02 Status of Bug Report on F.A. from 2021-03-10 “Open, Similar 
Reports None”
2024-04-03 We follow-up again asking Apple Security for a final 
reassessment, providing a temporary workaround
2024-04-03 Apple Security recommends opening a bug report - “ST is not 
intended to protect a device against manipulation” - “MDM profiles 
provide configuration management but do not establish additional 
security boundaries beyond what iOS and iPadOS have to offer.”
2024-05-05 Initial contact with Joanna Stern of WSJ
2024-05-06 Referring PSIRT ticket # directly to an Apple PSIRT contact 
via undisclosed SOC - no response
2024-05-28 Joanna Stern/WSJ runs Apple through this
2024-05-29 Apple commits patches to Safari branch
–
Milestone:
2024-06-05 Wall Street Journal addresses our finding in their article “A 
Bug Allowed Kids to Visit X-Rated Sites. Apple Took Three Years to Fix 
It.” by Joanna Stern
–
2024-06-18 We follow-up again with Urgent request for re-evaluation to 
Apple Product Security (“Addendum”)
2024-06-27 We follow-up on our follow-up Update Request Screen Time 
Security Vulnerability Report (“Follow-Up”)
2024-07-23 Apple releases fix in iOS 17.6RC et al.
2024-07-26 Letter to Apple welcoming first fix, reiterating our 
dedication to Responsible Disclosure, intended to coordinate further 
disclosure process and close the affair asking them to give credit and 
align to their SBP
–
Milestone:
2024-07-29 Apple releases fixes for macOS Sonoma 14.6, iOS/iPadOS 17.6, 
watchOS 10.6, visionOS 1.3 and Safari 17.6, leaving iOS/iPadOS 16.x 
still affected.
–
2024-07-31 Apple responds “ST is not intended to protect a device from 
malicious manipulation, and bug reports on features like this are 
therefore typically ineligible for credit or Apple Security Bounty 
award. However, we’d like to make an exception and award you USD (...)* 
as a thank you for your report. Also, we’d like to credit you on our 
security advisory under the ‘Additional recognition’ section of the 
page.” *We were offered the minimum possible amount.
2024-08-01 We inquire about the bounty amount asking Apple to “comment 
on our proposed evaluation under the CVSS metrics, sharing with us their 
transparent assessment of the vulnerability under the terms and broad 
criteria of the bounty program.”
2024-08-01 Apple “appreciates our suggestions, but CVSS scores are not 
something that they publish to their security advisory.”
2024-08-03 Patches merged with public WebKit branch
2024-08-19 We are reaching out to Apple again “Ringing the escalation 
bell for the SBP team”
2024-08-23 Apple Product Security advises a call
2024-09-10 Apple Security rejects adjustment of the bounty as “out of 
scope/edge case policy” in the call, offering a $20,000 charity donation 
instead We request Apple to assign a CVE.
–
Milestone:
2024-10-17 Apple follows-up with CVE-2024-44206 and an update to the 
advisories
https://support.apple.com/en-us/120909
https://support.apple.com/en-us/120911
https://support.apple.com/en-us/120913
https://support.apple.com/en-us/120915
https://support.apple.com/en-us/120916
–
2024-10-23 We follow-up one more time to request a further review of the 
severity and reward
2024-11-02 NBL-001 advisory draft shared with Apple
2024-11-14 Apple requests naming their charity offer among bounty payout 
details, leaving out further comments on the contents of the advisory 
itself.
2024-11-15 NBL-001 published
## Contact
For more information, please contact Andreas Jaegersberger or Ro 
Achterberg from Nosebeard Labs at [email protected].
## Special Thanks
Much love goes out to Joanna Stern for her incredible support in making 
this happen.
We also want to thank Aaron Kaplan for the tailwind throughout the 
journey and Arnoud Engelfriet for the rapid legal advice.
Buongiorno to the cap’n <3