Yesterday, Apple released an emergency update for iOS devices, fixing a critical code execution vulnerability in the Wi-Fi chip that ships with iPhones and iPads. Today, we learned that this vulnerability actually affects all devices that using a particular Broadcom Wi-Fi chip. If an attacker can get within wireless range of affected devices, he could exploit this flaw to execute arbitrary code on the device. Watch today’s video for a quick summary of the issue, and if you’re and iOS user, upgrade immediately.
Episode Runtime: 2:26
Direct YouTube Link: https://www.youtube.com/watch?v=BK-m93Fpr6E
EPISODE REFERENCES:
- Apple releases emergency iOS update from Broadcom flaw – Apple
- Broadcom Wi-Fi chip vulnerability affects many mobile devices and tablets – The Register
- Google researchers detail vulnerabilities in Broadcom’s Wi-Fi SoC – Blogspot
Corey Nachreiner, CISSP (@SecAdept)
Hi Corey could you expand on what you mean by “within wireless range”? Does this mean an attack can be successful if the wireless device is simply near an attacker’s device without being connected to a wireless network? If so can you guide us through such a scenario? Thanks!
Vicky, The Google researcher actually found a number of vulnerabilities in the Broadcom chip set, you can see them all here:
https://bugs.chromium.org/p/project-zero/issues/list?can=1&q=HardMAC
But in a nutshell, many of the “components” being targeted are only accessible after you have joined a wireless network. I haven’t looked at every issue, but–beyond being within range–you do have to be associated with the same Wi-Fi network as the victim to exploit these. That said, with things like the Karma attack, you might be surprise how easily hackers can trick your device into joining a network they manage, without you knowing.
Good question.