Researcher Trevor Spiniolas reports a serious bug that desperately locks your iPhone completely.
Vulnerability in iOS that uses HomeKit as an attack vector it could make your iPhone completely useless. The researcher who discovered and published it claims that Apple has been informed since August 2021, and that this problem affects, at least, the most recent versions of iOS.
According to security researcher Trevor Spiniolas, if we use a name for a HomeKit device with “very long string”, set to 500,000 characters in their tests, iOS and iPadOS devices that load this device with that name may be restarted and rendered unusable.
Additionally, since the name is stored in iCloud and updated on all other iOS devices logged into the same account, the the error may reappear repeatedly without us being able to do anything about it.
Four months ago, I discovered and reported a serious denial of service bug in iOS that still persists in the latest version. It persists during restarts and can trigger after restores under certain conditions. https://t.co/SAFbqyZdxY
– Trevor Spiniolas (@TrevorSpiniolas) January 1, 2022
Spiniolas called the bug “doorLock”, and claims that affects all versions of iOS from iOS 14.7, although it is likely that it also exists in all versions of iOS 14. In a video that you shared, it can be seen as, although the iPhone is restored, the problem persists and the device keeps crashing.
It also indicates that Apple planned to release a security update that would fix the bug in late 2021. However, Apple would have changed its estimate on December 8 to “Beginning of 2022”, so this is a bug that could be fixed soon.
It is true that It doesn’t look like there will be many users affected by this error. Assigning such long names to a device doesn’t make much sense and is very rare. However, this is a serious flaw that can render devices unusable. Hope Apple fixes it soon.
Related topics: iPhone
Subscribe to Disney + for only $ 8.99!