Jan 4, 2022
63 Views
0 0

Written by

A new denial of service (DoS) vulnerability dubbed “doorLock” was recently revealed in Apple HomeKit, impacting iOS 14.7 through 15.2. Apple HomeKit is a software framework that lets iPhone and iPad users control smart home appliances from their devices.
According to the researcher who disclosed the details, Apple has been aware of the vulnerability since August 2021, but has not addressed the issue.
To trigger ‘doorLock,’ an attacker would change the name of a HomeKit device to a string larger than 500,000 characters.
To demonstate the doorLock bug, Spinolas, the original researcher who uncovered the bug,. has released a proof-of-concept exploit in the form of an iOS app that has access to Home data and can change HomeKit device names.
Source: https://www.bleepingcomputer.com/news/security/apple-ios-vulnerable-to-homekit-doorlock-denial-of-service-bug/
The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY
Follow Us
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
This site uses functional cookies and external scripts to improve your experience.
Privacy settings
Privacy Settings / PENDING
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.
NOTE: These settings will only apply to the browser and device you are currently using.
GDPR Compliance

source

Article Categories:
Mobile Security

Comments are closed.