Google Project Zero white-hat hacker Ian Beer on Tuesday disclosed details of a now-patched critical “wormable” iOS bug that could have made it possible for a remote attacker to gain complete control of any device in the vicinity over Wi-Fi.
The exploit makes it possible to “view all the photos, read all the email, copy all the private messages and monitor everything which happens on [the device] in real-time,” said Beer in a lengthy blog post detailing his six-month-long, single-handed effort to build a proof-of-concept.
The flaw (tracked as CVE-2020-3843) was addressed by Apple in a series of security updates pushed as part of iOS 13.3.1, macOS Catalina 10.15.3, and watchOS 5.3.7 earlier this year.
“A remote attacker may be able to cause unexpected system termination or corrupt kernel memory,” the iPhone maker noted in its advisory, adding the “memory corruption issue was addressed with improved input validation.”
The vulnerability stems from a “fairly trivial buffer overflow programming error” in a Wi-Fi driver associated with Apple Wireless Direct Link (AWDL), a proprietary mesh networking protocol developed by Apple for use in AirDrop and AirPlay, among others,…