Vulnerabilities that allow remote control of an iPhone |
Ian Beer, a security researcher on the Google Project Zero Security team, has revealed a vulnerability that allows users to fully control an iPhone remotely without user intervention.
Several iPhones and other iOS devices are said to be vulnerable to attack by May, and attackers could use the vulnerability to remotely restart and gain full control of their device.
This vulnerability could allow an attacker to read email and other messages, download photos, and view and listen to your voice using the iPhone's microphone and camera.
IPhone, iPad, and Mac devices use a protocol called AWDL to create mesh networks for features like AirDrop and Sidecar, so you can easily send photos and files to other iOS devices and turn iPad into a single device. Secondary screen.
Security researchers have found a way to use this method, and they have also found a way to force the AWDL protocol to run despite the protocol being stopped previously.
Bill said: He has no evidence of exploitation of these cases, and admitted that it took a full six months to identify, verify and prove this exploitation.
Apple fixed this vulnerability with iOS 13.5 since May. However, security researchers advise not to underestimate this vulnerability.
He said, "The bottom line of this project shouldn't be that no one will spend six months hacking my phone. On the contrary, the result should be that one person is working alone and can seriously harm iPhone users."
Apple did not question the existence of the vulnerability and cited security researchers in the changelog for several security updates related to the vulnerability in May 2020.
The company noticed that most of the iOS users are using an updated patched version of iOS.
Apple has made it clear that this type of hacking only works when you are within range of the wireless network, although you do not have to be on the same wireless network.