Radio proximity security attack targeting up to iOS 13.5 detailed by Ian Beer

Accomplished security researcher Ian Beer, known for releasing a host of iOS exploits used by modern jailbreak tools, dropped a bombshell on Twitter late Wednesday evening after sharing a detailed blog post about a jaw-dropping radio proximity exploit affecting up to and including iOS and iPadOS 13.5.

The blog post summary goes on to explain that the hacker can remotely trigger kernel memory corruption through the execution of arbitrary code. Furthermore, it can force affected iOS and iPadOS devices in radio proximity to reboot with no user interaction needed or put privacy at risk by breaching user data or utilizing cameras and microphones without the user’s knowledge. Scary indeed…

The exploit in question appears to take advantage of a flaw in an iPhone or iPad’s AWDL, which stands for Apple Wireless Direct Link. It’s effectively a proprietary mesh networking protocol used by Apple devices to transfer data over certain wireless connections like those used by AirDrop.

AirDrop is a popular feature of iOS, iPadOS, and macOS devices that allows for quick and effortless transfer of files over Bluetooth and Wi-Fi-based connections that can be configured to allow transmissions from trusted contacts or from anyone. It’s a convenient way to push a file from one device to another, but as it would seem, it may also be a portal for malicious hackers to do their dirty deeds, at least on some versions of iOS or iPadOS.


While the hacker detailed being able to forcefully reboot devices in radio proximity (Wi-Fi range), Beer also noted the ability to run arbitrary code that was powerful enough to provide access to user information (emails, photos, audio access, camera access, etc.) and that it wouldn’t necessitate any interaction from the device user.


If you’re sitting there right now with an epic facepalm and muttering “oof” to yourself, then take comfort in the following facts: 1) the exploitation method is patched in iOS & iPadOS versions 13.5.1 and later; and 2) Beer says there’s no evidence that this exploitation has been used in the wild by malicious hackers.

While most iPhone and iPad users have already upgraded to iOS or iPadOS 14, the fact remains that much of the jailbreak community currently uses iOS or iPadOS 13.5 and older given the support of current jailbreak tools in recent memory. It remains to be seen if a third-party patch can be distributed for jailbreakers on affected versions of iOS and iPadOS.

The full blog post detailing Beer’s exploitation research and proof of concept are available on the Project Zero blog.
