The OKX team fixed the vulnerability affecting the iOS wallet app.
Thanks @Certik for the note.
We’ve completed the relevant upgrade & this is no longer an issue. We have verified that this did not impact any customer assets.
The fix has been deployed to iOS version 6.45.0 & we recommend you update the app asap. pic.twitter.com/5HfOnATPeu
— OKX (@okx) December 19, 2023
The developers thanked CertiK researchers for the bug found. They also urged users to update the app to the latest version (6.45.0) immediately.
According to CertiK, the critical remote code execution vulnerability could lead to the compromise of confidential data and crypto assets.
? Attention! We urge users of OKX wallets to update their iOS app to the latest version immediately. Earlier this month, we identified and reported a critical Remote Code Execution (RCE) vulnerability in the OKX iOS App, leading to potential compromise of sensitive data and…
— CertiK (@CertiK) December 19, 2023
On the other hand, OKX representatives stressed that the bug affected an external service provider. At the same time, users’ assets were not affected.
Earlier CertiK analysts identified a critical vulnerability in Solana’s Saga smartphone, allowing the theft of user crypto assets.