AirDrop and Quick Share Vulnerabilities Exposed
Researchers have discovered six vulnerabilities in Apple's AirDrop and Google/Samsung's Quick Share file-transfer protocols, affecting over five billion devices. The flaws, which include pre-authentication issues and encryption bypasses, were found through reverse engineering and fuzzing. The vulnerabilities have been reported to the respective companies, with Google awarding a bounty for one of the issues.
Key points
- Researchers discovered six vulnerabilities in AirDrop and Quick Share protocols, affecting over five billion devices.
- The flaws include pre-authentication issues, encryption bypasses, and a heap use-after-free in Google Quick Share for Windows.
- The vulnerabilities were found through reverse engineering and fuzzing of the proprietary and undocumented protocol stacks.
- Google awarded a bounty for one of the issues, while Apple and Samsung have not publicly commented on the findings.
- The researchers have reported the vulnerabilities to the respective companies, urging them to address the security flaws.
AirDrop and Quick Share Vulnerabilities Exposed
Researchers have discovered six vulnerabilities in Apple's AirDrop and Google/Samsung's Quick Share file-transfer protocols, affecting over five billion devices. The flaws, which include pre-authentication issues and encryption bypasses, were found through reverse engineering and fuzzing.
The vulnerabilities were discovered by researchers who performed a cross-platform reverse engineering and protocol-aware fuzzing study of both stacks. They reconstructed AirDrop's seven-layer state machine and DVZip adaptive compression from binary analysis, and built a protocol-aware fuzzer called AIRFUZZ.
The researchers found three pre-authentication issues in macOS/iOS AirDrop, including a Swift fatalError DoS in the HTTP path router, unbounded XML plist recursion in Foundation, and a NULL dereference in the HTTP/1.1 parser. They also discovered two protocol-layer flaws in Samsung Quick Share, including a pre-authentication OfflineFrame dispatch and D2D encryption bypass for three frame types.
In addition, the researchers found a heap use-after-free in Google Quick Share for Windows, for which Google awarded a bounty. The vulnerabilities have been reported to the respective companies, with Apple and Samsung not publicly commenting on the findings.
The discovery of these vulnerabilities highlights the importance of security research and the need for companies to prioritize the security of their protocols. As the use of file-transfer protocols continues to grow, it is essential that these vulnerabilities are addressed to prevent potential security breaches and data leaks.
Sources
The WireByte editorial team synthesises technology news from multiple primary sources, verifies the facts, and links every source. Articles are produced with AI assistance and reviewed under our editorial policy.