Security News > 2020 > December > Impressive iPhone Exploit

Impressive iPhone Exploit
2020-12-02 19:55

Oh, and exploits were wormable­ - meaning radio-proximity exploits could spread from one nearby device to another, once again, with no user interaction needed.

Beer's attack worked by exploiting a buffer overflow bug in a driver for AWDL, an Apple-proprietary mesh networking protocol that makes things like Airdrop work.

Because AWDL parses Wi-Fi packets, exploits can be transmitted over the air, with no indication that anything is amiss.

Beer developed several different exploits.

It takes about two minutes to install the prototype implant, but Beer said that with more work a better written exploit could deliver it in a "Handful of seconds." Exploits work only on devices that are within Wi-Fi range of the attacker.


News URL

https://www.schneier.com/blog/archives/2020/12/impressive-iphone-exploit.html