This vulnerability allows you to hack an iPhone remotely without even touching it

Ian Beer, a researcher at Google Project Zero, has revealed details of a dangerous iOS vulnerability that put millions of iPhone users at risk until Apple fixed it in early 2020.

According to the report, successful exploitation would have allowed an attacker within radio range to take full control of a device without any interaction from the victim.


Beer says that, working in isolation during the pandemic lockdown, he spent six months on this flaw, which he describes as a “radio-proximity exploit.” His findings were published by Google’s research team this week. In his write-up, Beer reports that he was able to remotely trigger an unauthenticated kernel memory corruption vulnerability that causes every iOS device in radio proximity to reboot, with no user interaction.

The problem lay in Apple Wireless Direct Link (AWDL), a proprietary peer-to-peer Wi-Fi protocol used by iPhone, iPad, Mac and Apple Watch. AWDL creates ad-hoc mesh networks for features such as AirDrop and Sidecar, which is what lets nearby Apple devices discover each other and exchange data directly, without going through an access point.

The researcher stresses how little users notice these networks: “Chances are that your iOS devices are constantly creating these networks throughout the day without users realizing it,” he says. Apple corrected the flaw, tracked as CVE-2020-3843, in iOS 13.3.1, released in January 2020.
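The point above, that Apple devices join AWDL meshes on their own all day long, is easy to verify on a Mac, where AWDL is exposed as the network interface awdl0 (iOS has no user-accessible shell, so there is no equivalent check on an iPhone). The following script is an added example for this article and is not code from Project Zero or Apple; it parses the output of `ifconfig awdl0`, classifies the interface as absent, down, inactive or active, and shows the temporary `ifconfig awdl0 down` mitigation administrators used on unpatched machines. The two sample outputs embedded in it are constructed for the example, with made-up MAC and IPv6 addresses.

```shell
#!/bin/sh
# Added example for this article; not code from Project Zero or Apple.
# macOS exposes AWDL as the network interface "awdl0". This script reports
# whether that interface is present and currently joined to a mesh, which is
# the simplest way to observe the "invisible" AWDL networks the article
# describes, and shows how to switch the interface off.

# awdl_state: read `ifconfig awdl0` output on stdin and print one of
#   absent   - no awdl0 block in the input (not macOS, or ifconfig failed)
#   down     - awdl0 exists but its UP flag is not set
#   inactive - awdl0 is UP but not joined to a mesh ("status: inactive")
#   active   - awdl0 is UP and reports "status: active"
awdl_state() {
    awk '
        /^awdl0:/ {
            seen = 1
            # flags look like: flags=8943<UP,BROADCAST,RUNNING,...>
            if ($0 ~ /<UP[,>]/ || $0 ~ /,UP[,>]/) up = 1
        }
        /status: active/ { active = 1 }
        END {
            if (!seen)        print "absent"
            else if (!up)     print "down"
            else if (!active) print "inactive"
            else              print "active"
        }'
}

# Constructed sample of `ifconfig awdl0` on a Mac that is participating in an
# AWDL mesh (addresses are made up).
sample_awdl_active() {
    cat <<'EOF'
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
	options=400<CHANNEL_IO>
	ether 3a:5f:2b:11:22:33
	inet6 fe80::385f:2bff:fe11:2233%awdl0 prefixlen 64 scopeid 0xc
	nd6 options=201<PERFORMNUD,DAD>
	media: autoselect
	status: active
EOF
}

# Constructed sample of the same interface after `sudo ifconfig awdl0 down`.
sample_awdl_down() {
    cat <<'EOF'
awdl0: flags=8902<BROADCAST,PROMISC,SIMPLEX,MULTICAST> mtu 1484
	options=400<CHANNEL_IO>
	media: autoselect
	status: inactive
EOF
}

# awdl_disable: take awdl0 down. This is only a stop-gap: macOS brings the
# interface back up as soon as AirDrop, Sidecar or another AWDL client needs
# it, so it does not replace installing the patched OS. Not run by default.
awdl_disable() {
    sudo ifconfig awdl0 down
}

# Live check on the current machine, when ifconfig is available.
if command -v ifconfig >/dev/null 2>&1; then
    printf 'awdl0 on this machine: %s\n' "$(ifconfig awdl0 2>/dev/null | awdl_state)"
fi
printf 'constructed active sample: %s\n' "$(sample_awdl_active | awdl_state)"
printf 'constructed down sample:   %s\n' "$(sample_awdl_down | awdl_state)"
```

On a Mac with Wi-Fi enabled the live check will normally report `active` even when the machine is not joined to any Wi-Fi network, which is exactly the behaviour Beer points out. On Linux or when `ifconfig` is not installed it reports `absent`.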

Exploiting the vulnerability would have allowed an attacker to read photos, emails and other files on the victim’s device and to monitor its activity in real time. The attack only works against devices within Wi-Fi radio range of the attacker; because it runs over AWDL directly, the victim’s device needs Wi-Fi enabled but does not have to be joined to any Wi-Fi network.

Beer says he found no evidence that the flaw was exploited in the wild, but he stresses the importance of the finding: “It took me six months to discover the vulnerability, so it is highly likely that it has gone unnoticed by threat actors. Even so, companies need to take these flaws seriously and not dismiss reports just because no attempts at exploitation have been detected,” Beer concludes.