Service crash
Specifically, it’s about the background service “sharingd”, which can be terminated by prepared requests from outside. In addition, manipulated HTTP headers cause the HTTP/1.1 parser in the Network Framework to crash – and the Foundation Framework is vulnerable to deeply nested XML property lists. According to the documentation, Apple has already fixed one of the vulnerabilities and the other two are in the works. However, it currently remains unclear when a fix will be released.
Attackers must have “for all” range and reception enabled
An essential prerequisite for exploitation is spatial proximity, i.e. a maximum of 30 meters away from the device. The gap is relevant for devices whose AirDrop reception is set to “For everyone” because they process incoming connections before the user even sees a transfer request. However, since most users do not give general approval, the potential for misuse shrinks even further.
Android counterpart was also affected
By the way, Google and Samsung also have to make improvements because security researchers found similar problems with “Quick Share”. Here, certain messages are processed before authentication – unencrypted despite the establishment of an encrypted connection. Google has already fixed the error and paid a “bug bounty” bonus of an unknown amount. It is not known whether Apple offered a reward for the find.

