Turns Out That Low-Risk iOS Wi-Fi Naming Bug Can Hack iPhones Remotely

silversurfer

Level 74
Verified
Trusted
Content Creator
Malware Hunter
Aug 17, 2014
6,329
The Wi-Fi network name bug that was found to completely disable an iPhone's networking functionality had remote code execution capabilities and was silently fixed by Apple earlier this year, according to new research.
Researchers from mobile security automation firm ZecOps nicknamed the issue "WiFiDemon." It's also a zero-click vulnerability in that it allows the threat actor to infect a device without requiring any user interaction, although it requires that the setting to automatically join Wi-Fi networks is enabled (which it is, by default).

"As long as the Wi-Fi is turned on this vulnerability can be triggered," the researchers noted. "If the user is connected to an existing Wi-Fi network, an attacker can launch another attack to disconnect/de-associate the device and then launch this zero-click attack."
"This zero-click vulnerability is powerful: if the malicious access point has password protection and the user never joins the Wi-Fi, nothing will be saved to the disk," the company added. "After turning off the malicious access point, the user's Wi-Fi function will be normal. A user could hardly notice if they have been attacked."
All iOS versions starting with iOS 14.0 and prior to iOS 14.3 were found to be vulnerable to the RCE variant, with Apple "silently" patching the issue in January 2021 as part of its iOS 14.4 update. No CVE identifier was assigned to the flaw.
 
Top