- iPhone vulnerability was reported by a Project Zero researcher
- A proof-of-concept is available to detail the issue
- Apple took some time to fix the bug in AWDL to patch the flaw
Apple patched a serious vulnerability earlier this year that could have allowed attackers to gain complete control over any iPhone using Wi-Fi. The vulnerability. that has been fixed since the release of iOS 13.5 in May, was initially reported by a researcher of Google’s Project Zero team.
It was also noticed by other security researchers. The security flaw existed due to a bug in the iOS kernel that allowed bad actors to gain remote access, without requiring any direct interaction from users.
Known as an unauthenticated kernel memory corruption vulnerability, the issue was reported by Ian Beer of Project Zero. Beer published a 30,000-word blog to detail the vulnerability. He also provided a proof-of-concept exploit that he built after spending six months.
Although the security researcher developed multiple exploits to understand the flaw, the most advanced one he built was the wormable radio-proximity exploit that allowed him to gain complete control over his iPhone 11 Pro.
He was able to deploy the exploit using a laptop, a Raspberry Pi, and some off-the-shelf Wi-Fi adapters.
Apple fixes the issue with Software Update
The company acknowledged the existence of the vulnerability on its security page. Apple said, “A remote attacker may be able to cause unexpected system termination.” The company also mentioned that it addressed the issue using improved memory management.
The flaw was fixed with the release of iOS 13.5. However, it is likely that the handsets running on an earlier iOS version could still be exploited.
There are no details on whether the vulnerability was exploited in the wild before it got fixed by Apple. However, Beer noted in his post that at least one exploit seller was aware of the bug in May.