A bug in iOS 15.1 is capable of rendering an iPhone completely unusable, a new study by security researcher Trevor Spiniolas has revealed. The vulnerability was discovered in Apple’s HomeKit platform, Gadgets Now reported.
Apple has limited the length of name of a HomeKit device. When the device name is changed to a large string, any device with iOS 15.1 or higher will be disrupted. In Spiniolas case, he used 5,00,000 characters to test the bug. The iPhone or iPad trying to connect to the device becomes unresponsive and does not respond to even rebooting. Even after restoring the iPhone, the bug can be triggered again when the user tries to log in to the iCloud account linked to the HomeKit device, the blog said.
The HomeKit application allows Apple users to communicate, configure and control connected accessories and smart-home appliances.
According to a Gadgets Now report, users who do not have Apple Home devices added to their iPhones can also be affected if they accept the invitation to a home that has a HomeKit device with a large string name.
The Home app will become completely unusable if the user does not have home devices enabled in the iPhone’s Control Centre. Updating or rebooting the device does not resolve the problem, he said.
“This bug poses a significant risk to the data of iOS users, but the public can protect themselves from the worst of its effects by disabling Home devices in control centre in order to protect local data,” the security researcher wrote in the blog.
According to the blog, Spiniolas had reported the bug on August 10, 2021 to the iPhone maker. Apple had then said it would resolve the bug in a security update before 2022. However, the tech giant is yet to address the issue.
(Edited by : Vijay Anand)