Security personnel disclose iOS vulnerability: use HomeKit to make iPhone

Recently, security researchers disclosed a vulnerability in iOS that can be triggered through HomeKit, and Apple has been very slow to repair it. The security researcher Trevor Spiniolas said that if a HomeKit device name is changed to a “long string” (500,000 characters in his test), iOS and iPadOS devices that load the string will restart and become unusable.

In addition, since the name is stored in iCloud and updated on all other iOS devices signed in to the same account, the error may appear repeatedly.

Spiniolas calls this vulnerability “doorlock” and claims that it affects all iOS versions he tested from iOS 14.7, although it may exist in all iOS 14 versions.

In addition, although iOS 15.0 / 15.1 introduced a limit on the length of the name that an application or the user can set, earlier iOS versions can still update the name. If the error is triggered on an iOS version without the limit and that device shares HomeKit data, all devices that share the data will also be affected, regardless of their version.

This results in two situations. Devices that do not have Home devices enabled in Control Center will find that the Home app becomes unusable and crashes. Restarting or updating does not solve the problem, and if you sign back in to the same iCloud account, you will again be unable to use Home.

For iPhones and iPads that have Home devices enabled in Control Center, which is the default setting when the user has access to HomeKit devices, iOS itself becomes unresponsive. Input is delayed or ignored, the device stops responding, and it occasionally restarts.

In this case, restarting or updating the device does not resolve the problem, and because USB access is interrupted, the user is basically forced to restore the device and lose all local data. However, restoring and then signing in to the same iCloud account triggers the error again, with the same effect as before.

Spiniolas believes that this issue could be used for malicious purposes, for example by an application that can access Home data introducing the error. An attacker sending other users an invitation to a Home is also possible, even if the target does not have a HomeKit device.

According to the researcher, the worse of the two cases can be avoided by disabling Home devices in Control Center. To do this, open “Settings”, then “Control Center”, and turn off the “Show Home Control” switch. Users should also be wary of invitations to join other users’ Homes, especially those from unknown contacts.

Spiniolas claimed that he originally reported the issue to Apple on August 10. It is said that Apple planned to release a security update that repairs the error before the end of 2022. However, it is said that Apple then changed its estimate on December 8 to “2022.”

The researcher wrote: “I think this bug is inappropriate because it brings serious risks to users, and many months have passed, and there is no comprehensive fix. The public should know about this vulnerability and how to prevent it from being used, instead of being blinded.”