Security Flaws in Apple’s AWDL Protocol Could Lead to Tracking, MITM & Other Types of Attacks

Last updated September 28, 2021
Written by:
Novak Bozovic
Novak Bozovic
Tech & VPN Content Specialist

Even though they can be hugely useful and convenient, Apple’s AirDrop and AirPlay also pose a significant security risk. That’s because both of those technologies are based on the ‘Apple Wireless Direct Link’ (AWDL) protocol, present on more than 1.2 billion devices. Despite its closed nature, this protocol has been thoroughly examined by cybersecurity experts, who have now published their findings. As it turns out, AWDL comes with several vulnerabilities that enable different kinds of exploitations, some of which can be incredibly serious.

Cybersecurity experts at the Technical University of Darmstadt (Germany) have been dissecting Apple’s AWDL protocol during the last year, and they came up with interesting conclusions. By reverse-engineering the protocol and re-writing it as a C-implementation named OWL (Open Wireless Protocol), they managed to test the AWDL for various attacks. In conclusion, they’ve discovered the following four vulnerabilities:

To illustrate their theory, the security researchers have posted a YouTube video showing the previously mentioned MITM attack in action. The video shows how a third-party could modify files in transit, which opens the possibility of injecting malware.

All of the previously mentioned vulnerabilities have already been reported to Apple. The company managed to issue a security update in May, fixing the AWDL DoS bug (CVE-2019-8612). This means that the fix has already been applied to your device if you’re running iOS 12.3, tvOS 12.3, watchOS 5.2.1, or macOS 10.14.5. The rest of the vulnerabilities require the redesign of some of Apple’s services, which means that they’ll stay exploitable for the foreseeable future.

It’s also interesting to note that some of these AWDL vulnerabilities affect Android devices as well. That’s because the Wi-Fi Alliance has adopted the AWDL standard for Neighbor Awareness Network-ing, also known as ‘Wi-Fi Aware’. Since this technology uses AWDL’s design, there’s a high possibility that these two technologies share the same vulnerabilities as well.

You can read about these AWDL vulnerabilities in a whitepaper posted by the researchers. Additional details will be revealed at the USENIX security conference presentation in mid-August.

How frequently do you use Apple’s AirDrop and AirPlay? Are you worried about these security vulnerabilities? Let us know in the comments section below, and don’t forget to follow us via our social media profiles, on Facebook and Twitter. Thanks!



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: