Poor management of the names of connected objects can freeze the operating system. No fixes are available at this time.
Security researcher Trevor Spiniolas has just revealed the existence of a flaw in Apple’s HomeKit home automation software, which allows triggering a denial of service on any device running iOS, including current version 15.2. The bug is found in the management of the names of objects connected to a HomeKit network. If any of these names are too long (over 500,000 characters for example), any iOS device that connects to that network will crash, as seen in this video.
The most likely attack scenario would then be for an attacker to create such a HomeKit network and then invite someone to join. If the person agrees, the device will download the data from that HomeKit network through iCloud, then the operating system will freeze. The only way out of this mess is to restore the device without signing into iCloud. When the device is operational again, you can log in to iCloud as long as you immediately disable access to HomeKit, to avoid downloading malicious data.
Obviously, this solution is not very satisfactory, because we lose the HomeKit functionality. Those with Xcode development skills can take it a step further and use the exploit code that Trevor Spiniolas posted on GitHub to rename all the object names on the malicious HomeKit network. Unfortunately, there is no easier way to solve the problem.
Apple was alerted to the issue on August 10, 2021. The company has indicated it will provide an “early 2022” fix, but the researcher believes the flaw deserves more attention. “I think this bug allows ransomware to be created on iOS, which is incredibly important,” he said in a blog post. Given this risk, Spiniolas felt it was better to let the public know now, rather than wait for a patch to be released.