SiriSpy is a vulnerability affecting Apple iOS and macOS that allows apps to eavesdrop on a user’s conversations with Siri.
SiriSpy is a now-patched vulnerability tracked as CVE-2022-32946 in Apple’s iOS and macOS that could allow any app with access to Bluetooth to eavesdrop on conversations with Siri and audio.
“An app may be able to use a pair of connected AirPods to record audio.” Read the announcement from Apple. “This issue has been addressed through improved rights.”
Malicious apps with access to Bluetooth can record conversations from iOS keyboard dictation when using AirPods or Beats headphones.
According to Guilherme Rambo, the app developer who reported SiriSpy to Apple, the app did not request microphone access and left no indication that it was listening to the microphone.
“Any app that has access to Bluetooth can record your conversations with Siri and audio from the iOS keyboard dictation feature while using your AirPods or Beats headphones.” Read a blog post published by Rambo. “This can happen if the app doesn’t request microphone access and leaves no trace that it’s listening to the microphone.”
While testing AirBuddy’s capabilities, experts noticed that AirPods include a service with a UUID
9bd708d7-64c7-4e9f-9ded-f6b6c4551967, and has features that support notifications. Further investigation allowed him to associate the above UUID with the DoAP service for Siri and dictation support.
An attacker could create a malicious app that could connect to the AirPods via Bluetooth and record audio in the background.
“In a real-world exploit scenario, an application that already has bluetooth permissions for some other reason could do so without any indication that the user is doing it because there is no request to access the microphone, and control The instructions in the center only list “Siri and Dictation,” not apps that talk directly to the AirPods via Bluetooth LE, bypassing microphone permissions,” the expert added.
When investigating the same issue on macOS, Rambo discovered that the issue could be exploited to completely bypass the Transparency, Consent, and Control (TCC) security framework. This means malicious apps can eavesdrop on conversations with Siri without asking for any permissions.
On Apple’s platforms, the BTLEServerAgent (or BTLEServer, depending on the platform) handles the DoAP protocol. It provides an interface through the mach service com.apple.BTLEAudioController.xpc that other processes on the system can use to request audio from the AirPods DoAP service.
The lack of entitlement checks on the BTLEServerAgent was the root cause of the problem, experts explained.
“For services exposed to third-party applications, system daemons typically check for specific entitlements before allowing applications to send requests to them, or raise TCC prompts on behalf of applications, allowing communication only once the user has approved. You may see Here’s what’s going on: BTLEServerAgent doesn’t do any entitlement checks or TCC hints for its com.apple.BTLEAudioController.xpc service, so any process on the system can connect to it, send requests, and receive audio frames from AirPods.” Expert concluded. “This vulnerability only works on macOS, as iOS’s sandbox is more restricted, preventing applications from directly accessing most global mach services.”
Apple addressed this issue with the release of iOS 16.1 and iPadOS 16 (October 24, 2022) and macOS updates.
Follow me on Twitter: @securityaffairs and Facebook
(security affairs – Hacker, SiriSpy)