A critical security flaw in Apple’s service ticket portal has come to light, potentially exposing the sensitive data of millions of users.
The vulnerability, rooted in a combination of Insecure Direct Object Reference (IDOR) and privilege escalation, allowed unauthorized access to user information, including Mac serial numbers, IMEI numbers, and service ticket details.
https://cybersecuritynews.com/apple-ser ... erability/