As no smartphone is 100% secure, vulnerabilities do show up on Android and iOS devices. Some annoyingly cause apps to crash, while others – the deadly ones – compromise device security, inviting hackers right into the core of your phone. As these bugs are on the rise, a security researcher at Google’s Project Zero has revealed a major Wi-Fi flaw that affects both iOS and Android systems.
In a series of blog posts, Gal Beniamini has revealed that a hacker within range of a shared Wi-Fi network could execute arbitrary code on a targeted device, resulting in full device takeover with no user interaction at all. In plain terms, an attacker could take over your phone over Wi-Fi alone, with no additional traps.
Beniamini outlined the vulnerability in Broadcom’s Wi-Fi SoC. His research focused on Broadcom because it is the leading wireless chipset maker in the industry, providing Wi-Fi SoCs for Samsung, Google and Apple devices. He conducted the research on the Nexus 5, 6 and 6P, Samsung flagships, and all iPhones starting from the iPhone 4.
The security researcher developed a proof-of-concept exploit that used Wi-Fi frames with irregular values to attack the firmware of Broadcom’s Wi-Fi SoC and cause a stack overflow. A stack overflow arises when a program tries to use more stack memory than is available to it, which can crash the program or corrupt adjacent memory. He used the frames to target timers responsible for regularly occurring events, such as scanning for networks, and managed to overwrite specific regions of device memory with arbitrary shellcode.
A malicious hacker could have used the same technique to do serious damage, for instance by introducing malicious code on vulnerable devices within range of a rogue access point.
Besides stack overflow bugs, Beniamini also said a lack of security protections in software and hardware platforms made the Broadcom chip a prime target.
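The class of bug described above, a length value taken from a received frame overflowing a fixed-size stack buffer, is shown here as an added C example. It is not Broadcom's firmware code or code from Beniamini's posts; the element layout, the buffer size and the function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ELEM_MAX 32 /* assumed size of the fixed on-stack buffer */

/* Assumed element layout for illustration: [id:1][len:1][payload:len] */

/* Unsafe pattern: trusts the length byte carried in the frame. Any len
 * above ELEM_MAX writes past tmp and over neighbouring stack data. */
int elem_copy_unchecked(const uint8_t *frame, size_t frame_len)
{
    uint8_t tmp[ELEM_MAX];
    if (frame_len < 2)
        return -1;
    memcpy(tmp, frame + 2, frame[1]); /* missing bounds check */
    return frame[1];
}

/* Hardened form: returns the payload length, or a negative error code. */
int elem_copy_checked(const uint8_t *frame, size_t frame_len,
                      uint8_t *out, size_t out_cap)
{
    if (frame_len < 2)
        return -1;                      /* header truncated */
    size_t len = frame[1];
    if (len > frame_len - 2)
        return -2;                      /* claims more bytes than received */
    if (len > out_cap)
        return -3;                      /* would overflow the destination */
    memcpy(out, frame + 2, len);
    return (int)len;
}

int main(void)
{
    /* Constructed sample frames, not captured traffic. */
    const uint8_t ok[] = {0xdd, 4, 0x01, 0x02, 0x03, 0x04};
    uint8_t oversized[2 + 40] = {0xdd, 40};
    uint8_t out[ELEM_MAX];

    printf("ok        -> %d\n", elem_copy_checked(ok, sizeof ok, out, sizeof out));
    printf("oversized -> %d\n", elem_copy_checked(oversized, sizeof oversized, out, sizeof out));
    return 0;
}
```

The checked variant rejects the oversized element before any copy happens, which is the validation the unchecked variant lacks.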
Broadcom, Apple, Google Releasing Fixes
But before you panic, it is important to note that the concerned parties have stepped up to address the Wi-Fi flaw. Apple was the first, addressing the flaw with the release of iOS 10.3.1. Broadcom has also claimed that “newer versions of the SoC utilise MPU, along with additional security mechanisms.”
While Google hasn’t released a fix for all Android users, select devices eligible for its monthly patch bundle will get the fix in April. But that could also take a week or two.
As the Wi-Fi flaw has now been detailed, hopes are high that Google and other OEMs will soon release a fix for the sake of millions of Android users.