Researchers publish findings on June 30 describing security flaws in Apple’s AirDrop and in Google and Samsung’s Quick Share. The work, conducted by CISPA Helmholtz Center for Information Security, analyzes the underlying network protocols used by the sharing services. The researchers identify three vulnerabilities in the way AirDrop works and additional vulnerabilities affecting Quick Share on Android and Windows, for a total of six issues across the two ecosystems.
According to the reporting, the attacks require an adversary to be within wireless range of a target device, typically about 10 to 30 meters. The researcher team says an attacker does not need prior pairing, an existing contact relationship, or a shared Wi‑Fi network to attempt the exploit. The primary impact described is the ability for a nearby attacker to trigger a crash or disrupt the receiving side of AirDrop before a user sees a file transfer request.
The accounts also note that the disruption can temporarily affect other Continuity-related features on Apple devices, including AirPlay, Handoff, and Universal Clipboard, while the device service is impaired. The sources characterize the practical risk as limited when users are set up appropriately.
