A flaw in Wi-Fi chips made by Cypress Semiconductor and Broadcom left “billions of devices” open to an eavesdropping vulnerability, ArsTechnica reports today. The flaw was announced by researchers at the RSA security conference today, and has already been patched by most manufacturers.
The vulnerability primarily affects FullMAC WLAN chips from Cyperess and Broadcom. These chips are used in billions of devices, Eset researchers say, including iPhones, iPads, and Macs. The flaw would have allowed nearby attackers to “decrypt sensitive data sent over the air,” according to the researchers.
Researchers from Eset explained:
An Apple spokesperson confirmed to ArsTechnica that it fixed these vulnerabilities last October in updates for macOS here and iOS and iPadOS here. The affected Apple devices included:
- iPad mini 2
- iPhone 6, 6S, 8, and XR
- MacBook Air 2018
ArsTechnica has more details on the technicalities of the vulnerability, so be sure to check out their coverage. For Apple users, however, there seems to be no reason to worry, so long as you’re running the latest versions of iOS, iPadOS, and macOS on your devices.
Description: A logic issue existed in the handling of state transitions. This was addressed with improved state management.
