TapTechNews July 6th news, Apple released the visionOS 1.2 version update in June this year, fixing a security vulnerability. An attacker can use the vulnerability to fill hundreds of 3D objects for the wearer of the VisionPro headset, such as allowing bats and spiders to crawl all over your visible space.
Cybersecurity expert Ryan Pickren first discovered the vulnerability and reported it to Apple in February this year and received a bug bounty from Apple.
Pickren can bypass all Safari browser warnings with this vulnerability and allow websites to render 3D models and various voiceovers. TapTechNews translates part of his blog post as follows:
This means that without the need for user interaction, a website can start any number of 3D, animated, and sound objects.
For example, if a VisionPro headset user browses our website, we can immediately fill their room with hundreds of crawling spiders and screaming bats! It's incredible!