Apple accused of recklessness over iOS security vulnerability


Some devices powered by Apple’s iOS software are vulnerable to a newly-discovered denial of service vulnerability named “doorLock”, but Apple doesn’t seem to be all that interested in fixing it, reports have claimed.

The vulnerability, first discovered by security researcher Trevor Spiniolas, affects Apple HomeKit, in iOS versions 14.7 through 15.2. HomeKit is a software platform for the creation of smart home apps. 

Spiniolas demonstrated the flaw in a video posted on YouTube, in which he shows that to trigger the flaw, all an attacker needs to do is change the name of a HomeKit device to something that has more than 500,000 characters. 

Prevention versus mitigation

An attacker who creates an iOS app with access to Home data can change HomeKit device names, even if the target device has no Home devices added on HomeKit. How long it would take for an app like this to be flagged by an antivirus program is anyone's guess.

When the device tries to load the long string, it freezes. The only way to recover it is a hard reset, which deletes all stored data. Furthermore, signing back into the iCloud account linked to the HomeKit device only brings the victim back to square one, resulting in an endless loop of freezes and resets.

"The introduction of a local size limit on the renaming of HomeKit devices was a minor mitigation that ultimately fails to solve the core issue, which is the way that iOS handles the names of HomeKit devices," the researcher explained in his blog post.

"If an attacker were to exploit this vulnerability, they would be much more likely to use Home invitations rather than an application anyways, since invitations would not require the user to actually own a HomeKit device."

Spiniolas said he told Apple about the flaw in August last year, but the issue is still unresolved, even though Apple promised to fix it. He said that it could be used as a ransomware vector, with attackers demanding payment in exchange for restoring a HomeKit device back to a safe string length.
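The researcher's remark above, that a local size limit on renaming does not solve the core issue, comes down to where the check sits. The following sketch is an added example, not Apple's code and not from the original article: a limit in the rename path covers only renames made through that client, while a check on the receiving side also covers names that arrive by sync or invitation. The JSON record format, the limits and all function names are assumptions.

```python
from __future__ import annotations
import json
from dataclasses import dataclass

# Assumed limits for this sketch; the article does not give Apple's values.
MAX_NAME_CHARS = 64
MAX_RECORD_BYTES = 4096
PLACEHOLDER = "Unnamed accessory"

@dataclass(frozen=True)
class Accessory:
    accessory_id: str
    name: str
    quarantined: bool = False  # True when a synced name was replaced

def rename_from_ui(acc: Accessory, new_name: str) -> Accessory:
    """Sender-side limit: only covers renames typed into this client."""
    if not new_name or len(new_name) > MAX_NAME_CHARS:
        raise ValueError(f"name must be 1..{MAX_NAME_CHARS} characters")
    return Accessory(acc.accessory_id, new_name)

def ingest_synced_record(raw: bytes) -> Accessory | None:
    """Receiver-side check: synced or invited data is untrusted input."""
    if len(raw) > MAX_RECORD_BYTES:  # cap the size before any parsing
        return None
    try:
        record = json.loads(raw)
    except (ValueError, RecursionError):  # malformed or deeply nested
        return None
    if not isinstance(record, dict):
        return None
    acc_id, name = record.get("id"), record.get("name")
    if not isinstance(acc_id, str) or not isinstance(name, str):
        return None
    if not name or len(name) > MAX_NAME_CHARS:
        # Keep the entry listable and removable, but never render the name.
        return Accessory(acc_id, PLACEHOLDER, quarantined=True)
    return Accessory(acc_id, name)

def ingest_batch(records: list[bytes]) -> tuple[list[Accessory], int]:
    """Process every record; one bad entry must not block the rest."""
    kept = [a for a in map(ingest_synced_record, records) if a is not None]
    return kept, len(records) - len(kept)

# Constructed sample records (not captured data): valid, over-long, oversized.
SAMPLE = [json.dumps({"id": i, "name": n}).encode() for i, n in
          [("lamp-1", "Desk lamp"), ("lock-2", "A" * 200), ("lock-3", "A" * 5000)]]
```

Calling `ingest_batch(SAMPLE)` keeps the first two entries, the second with its name replaced by the placeholder, and drops the third before it is parsed.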

So what can people do in the meantime? According to BleepingComputer, the focus at this point needs to be on prevention, because if someone gains access to a victim’s “Home”, it’s going to be a tough fight.

That being said, suspicious invitation emails from email addresses that seem to be coming from Apple services or HomeKit products should be scrutinized in the same way as emails that could potentially be carrying malware.

For those who have already given access to someone, here’s what they can do:

  • Restore the affected device from Recovery or DFU Mode
  • Set up the device as usual, but do NOT sign back into the iCloud account
  • After setup is finished, sign in to iCloud from settings. Immediately after doing so, disable the switch labeled “Home.” The device and iCloud should now function again without access to Home data.

Via: BleepingComputer 


Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
