Serious MitM flaw plugged in latest watchOS version
If you’ve recently bought an Apple Watch, or if you have had one for a while now, but you haven’t updated to the latest watchOS version, now is the time to do it – but not while you’re connected to a network you can’t trust.
Version 1.0.1 of watchOS plugs a number of serious bugs, and among them is one – dubbed DoubleDirect – that can be exploited by an attacker with a privileged network position to redirect user traffic to arbitrary hosts.
In short, the bug allows an attacker to perform a MitM attacks, to steal credentials and deliver malicious payloads to the victim’s device.
“Unlike most ICMP Redirect MITM implementations, which are only half-duplex (except for InterceptNG’s project), DoubleDirect allows full-duplex MITM. An attacker can then fully intercept the communication from both the victim and the gateway,” Zimperium CEO Zuk Avraham explained in a blog post.
“Zimperium discovered DoubleDirect attacks in-the-wild last year. Fortunately we were able to provide a public PoC and root cause analysis, and Apple was able to patch all of its latest operating systems.”
The fix was executed by disabling ICMP redirects, which were enabled by default.
Avraham urges all Apple Watch users to update the device’s OS as soon as possible, but to avoid doing it while connected to a public or unmanaged corporate network.