from what they demonstrated, this seems to only be a $100,000 exploit in Apple's bug bounty platform, but if they package it right, it could be a $1.5 million exploit

They simply have to show it against a beta version of MacOS, and frame it as unauthorized access, and maybe from locked mode if possible