Skip to main content

'DoorLock' Vulnerability Can Force iOS Devices to Endlessly Reboot

posted onJanuary 5, 2022
by l33tdawg
PC Mag
Credit: PC Mag

It can be hard to decide what to name smart home devices. Should an internet-connected lamp be called something utilitarian like "Kitchen Lamp" or be given a unique name like "The Bringer of Light to That Place We Make Food" to make it easier to identify? It may not seem like a critical decision, but a new vulnerability shows that HomeKit device names are pretty important.

Security researcher Trevor Spiniolas revealed this "doorLock" vulnerability on Jan. 1.

"When the name of a HomeKit device is changed to a large string (500,000 characters in testing)," Spiniolas says in a report on the flaw, "any device with an affected iOS version installed that loads the string will be disrupted, even after rebooting. Restoring a device and signing back into the iCloud account linked to the HomeKit device will again trigger the bug."

Source

Tags

Security Apple

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th