[pvg]

The closest is

$25,000. App access to a small amount of sensitive data normally protected by a TCC prompt.

In this case you get a misleading prompt, the access requires additional interactions. It's a serious bug and I'm all for reporters of serious bugs getting bigger bounties from companies that have more cash than they know what to do with. But simply dropping a random number in every single one of these threads is just noise, not even advocacy or technical discussion.

[TheJoeMan]

I think you missed the end of the article where any MacOS app could turn on your AirPods microphone without any permissions at all and at any time at all.

[crazygringo]

No it can't. It's only during Siri commands and dictation. It's not always-on.

Edit: NEVER MIND, that's correct, sorry. Why the heck does the article put the most dangerous part only at the end, and not include it in the tl;dr or anywhere else at all...??

[concinds]

Wrong, read it again.

[pvg]

I didn't, it's just that 'vulnerability that requires a malicious app on macOS' is a much less interesting one that something like that for iOS.

[lapcat]

"Full TCC Bypass on macOS"