Owners of Android and iOS devices should pay special attention to the security updates released by Google and Apple on Monday, as the updates contain fixes for a series of critical bugs affecting their phones' WiFi component.
The issues, discovered by Google Project Zero security researcher Gal Beniamini, affect the Broadcom WiFi SoC (System on Chip), which is included in many Android and iOS smartphones and for which both Google and Apple ship custom firmware with their OS.
According to Beniamini, a stack buffer overflow vulnerability in the Broadcom firmware code allows an attacker within the phone's WiFi range to send code to the device and execute it.
Depending on the attacker's skills, they can deploy code that takes over the user's device and installs applications such as adware, banking trojans, or ransomware without the user's knowledge.
The possible ways in which these bugs can be leveraged range from evil WiFi spots up to wardriving scenarios.
Beniamini described his findings, in the context of attacking a fully patched Nexus 6P Android device, in a blog post published today.
The iOS and Android RCE attacks are two of ten flaws Beniamini discovered in Broadcom's WiFi SoC firmware.
None of these flaws were in the Android and iOS operating systems per se; they were in the source code of the Broadcom firmware. Both OS makers had to wait for over four months until the chip maker finally managed to fix all flaws.
These security bugs were particularly difficult to fix, in both number and complexity: Broadcom asked Beniamini for an extension to Project Zero's 90-day public disclosure policy so it could finish the patching process.