A persistent denial-of-service (DoS) vulnerability has been discovered in Apple’s iOS mobile operating system that’s capable of sending affected devices into a crash or reboot loop upon connecting to an Apple Home-compatible appliance.
The behavior, dubbed “doorLock,” is trivial in that it can be triggered by simply changing the name of a HomeKit device to a string longer than 500,000 characters.
This causes an iPhone or iPad that attempts to connect to the device to become unresponsive and enter an indefinite cycle of system failure and restart that can only be mitigated by restoring the affected device from Recovery or DFU (Device Firmware Update) Mode.
HomeKit[1] is Apple’s software framework that allows iOS and iPadOS users to configure, communicate with, and control connected accessories and smart-home appliances using Apple devices.
“Any device with an affected iOS version installed that loads the string will be disrupted, even after rebooting,” security researcher Trevor Spiniolas said[2]. “Restoring a device and signing back into the iCloud account linked to the HomeKit device will again trigger the bug.”
The flaw impacts the latest version of iOS, 15.2, and goes back at least as far as version 14.7, with the weakness likely present on all versions of iOS 14 from 14.0. Apple, for its part, was made aware of the bug on August 10, 2021, with the company aiming to resolve the flaw in early 2022.
While the iPhone maker has attempted to mitigate the issue by introducing a local size limit on the renaming of HomeKit devices, Spiniolas noted that the core issue of how iOS handles HomeKit device names remains unresolved.
In a real-world attack scenario, doorLock could be exploited by an attacker by sending a malicious invite[3] to connect to a HomeKit device with an abnormally large string as its name, effectively locking users out of their local data and preventing them from logging back into iCloud on iOS.
To make matters worse, since HomeKit device names are also stored on iCloud, signing in to the same iCloud account with a restored device will set off the crash once again, unless the device owner opts to switch off the option to sync HomeKit data.
“This bug poses a significant risk to the data of iOS users, but the public can protect themselves from the worst of its effects by disabling Home devices in [the] control center in order to protect local data,” Spiniolas said. “I believe this issue makes ransomware viable for iOS, which is incredibly significant.”
References
Read more https://thehackernews.com/2022/01/researchers-detail-new-homekit-doorlock.html