Earlier this week at the Black Hat information security conference held in Las Vegas, a researcher working for the InfoSec firm Exodus Intelligence revealed a vulnerability found within the Wi-Fi chipsets used by a wide variety of smartphones, including Samsung Galaxy and Google Nexus devices, as well as iPhones. The vulnerability was dubbed Broadpwn and it works by exploiting a number of flaws in the Wi-Fi chips manufactured by Broadcom. The good news is that the vulnerability has been patched with the release of the July security update for Android OS, and with iOS version 10.3.3 for iPhones.
According to researcher Nitay Artenstein, the Broadpwn vulnerability is particularly interesting because it is a truly remote exploit, meaning that it can infect a device without the user having to do anything in particular. Furthermore, the attacker doesn't require any information about the device being targeted, and interestingly enough, the vulnerability can be exploited without crashing the device. According to the researcher, the specific flaws within the Broadcom Wi-Fi chips effectively allow an attacker to write a program directly onto the chip and take control of it. At the Black Hat conference in Las Vegas, Nitay Artenstein demonstrated how an attacker could take advantage of this vulnerability. The researcher created a "worm" (self-replicating malware) which infected a Samsung Galaxy device, and in turn, the affected device proceeded to infect another Samsung smartphone without any kind of input. And while remote exploits have "died out" in recent times according to Nitay Artenstein, the Broadpwn vulnerability would be a fairly good starting point for creating the first Wi-Fi/network worm "in a few years."
Fortunately, the Broadpwn vulnerability has its limitations, as it cannot leap from the infected Wi-Fi chip's firmware to the actual device. This was true even before Google and Apple issued software updates to Android OS and iOS in order to patch the vulnerability. Either way, Android OS users are advised to update their smartphones to the latest Android security patch if and where it is available on their respective devices. Keep in mind that the vulnerability affects only Broadcom Wi-Fi chipsets, so if your smartphone doesn't have one, it should be safe from these exploits.