An impressively detailed start-to-end explanation of how an exploit is created. This exploit is unusually powerful in that it does not require the user to perform any action – no need to open attachments, click on hyperlinks etc. The only requirement is that Wifi is turned on. For iOS users, this exploit has been patched in the latest iOS 10.3.3.
Broadpwn is a fully remote attack against Broadcom’s BCM43xx family of WiFi chipsets, which allows for code execution on the main application processor in both Android and iOS. It is based on an unusually powerful 0-day that allowed us to leverage it into a reliable, fully remote exploit.