Security Flaws in Apple’s AWDL Protocol Could Lead to Tracking, MITM & Other Types of Attacks

  • Apple’s AWDL protocol powers the company’s AirDrop and AirPlay features, found in over 1.2 billion Apple-made devices.
  • Four types of security vulnerabilities have been found to exist in the AWDL protocol, as reported by a group of security researchers from Germany. 
  • Apple has already fixed one vulnerability. However, other vulnerabilities will remain open for the foreseeable future.

Even though they can be hugely useful and convenient, Apple’s AirDrop and AirPlay also pose a significant security risk. That’s because both of those technologies are based on the ‘Apple Wireless Direct Link’ (AWDL) protocol, present on more than 1.2 billion devices. Despite its closed nature, this protocol has been thoroughly examined by cybersecurity experts, who have now published their findings. As it turns out, AWDL comes with several vulnerabilities that enable different kinds of exploitation, some of which can be incredibly serious.

Cybersecurity experts at the Technical University of Darmstadt (Germany) have been dissecting Apple’s AWDL protocol during the last year, and they came up with interesting conclusions. By reverse-engineering the protocol and rewriting it as a C implementation named OWL (Open Wireless Protocol), they managed to test AWDL against various attacks. They discovered the following four vulnerabilities:

  • MITM Attacks: The AWDL protocol can be used in a man-in-the-middle attack where a malicious actor could hijack a file transfer process. In other words, a MITM attack can be used to intercept and modify file transfers done via AirDrop, which could then be used to inject malicious files.
  • Device Tracking Attacks: Even though MAC randomization is present, the AWDL protocol is susceptible to long-term device tracking, which reveals information such as the name of the device owner (in more than 75% of experiment cases).
  • DoS Attacks: This type of attack is aimed at the election mechanism of AWDL and could be used to desynchronize the target’s channel sequences, which effectively prevents communication with other devices.
  • Wi-Fi Driver Vulnerability: It’s possible to crash Apple devices in close proximity by injecting frames that could target a single or several devices at the same time.

To illustrate their theory, the security researchers have posted a YouTube video showing the previously mentioned MITM attack in action. The video shows how a third party could modify files in transit, which opens the possibility of injecting malware.

All of the previously mentioned vulnerabilities have already been reported to Apple. The company managed to issue a security update in May, fixing the AWDL DoS bug (CVE-2019-8612). This means that the fix has already been applied to your device if you’re running iOS 12.3, tvOS 12.3, watchOS 5.2.1, or macOS 10.14.5. The rest of the vulnerabilities require the redesign of some of Apple’s services, which means that they’ll stay exploitable for the foreseeable future.

It’s also interesting to note that some of these AWDL vulnerabilities affect Android devices as well. That’s because the Wi-Fi Alliance has adopted the AWDL standard for Neighbor Awareness Networking, also known as ‘Wi-Fi Aware’. Since this technology uses AWDL’s design, there’s a high possibility that these two technologies share the same vulnerabilities as well.

You can read about these AWDL vulnerabilities in a whitepaper posted by the researchers. Additional details will be revealed at the USENIX security conference presentation in mid-August.

