In 2020, Google Project Zero bug bounty hunter, Ian Beer, discovered a kernel vulnerability in Apple Wireless Direct Link (AWDL), which, if exploited, could give an attacker real-time device access and monitoring capabilities as well as siphon off sensitive data like images, audio files, video and passwords, and encryption keys from Apple’s keychain. AWDL is the functionality behind Apple features like AirDrop and Sidecar.¹

The vulnerability allowed for specially crafted Wi-Fi packets delivered to a nearby device to crash the phone and install malware. The exploit itself did require relatively close proximity to the target. The vulnerability was reported and then patched in May of 2020, and at that time, there had been no known examples of it being detected/abused “in the wild”. ¹

Reference:

[1] https://for585.com/ioskernelvuln