A safety researcher has discovered that sure Wi-Fi networks with the p.c image (%) of their names can disable Wi-Fi on iPhones and different iOS gadgets. Carl Schou tweeted that if an iPhone comes inside vary of a community named %secretclubpercentpower, the machine received’t be capable of use Wi-Fi or any associated options, and even after resetting community settings, the bug might proceed to render Wi-Fi on the machine unusable.
You possibly can completely disable any iOS machine’s WiFI by internet hosting a public WiFi named %secretclubpercentpower
Resetting community settings shouldn’t be assured to revive performance.#infosec #0day
— Carl Schou (@vm_call) July 4, 2021
Just a few weeks in the past, Schou and his not-for-profit group, Secret Membership, which reverse-engineers software program for analysis functions, discovered that if an iPhone linked to a community with the SSiD title %ppercentspercentspercentspercentspercentn it will trigger a bug in iOS’ networking stack that might disable its Wi-Fi, and system networking options like AirDrop would change into unusable.
9to5 Mac provided a doable rationalization for the bizarre bug:
the ‘%[character]’ syntax is usually utilized in programming languages to format variables into an output string. In C, the ‘%n’ specifier means to save lots of the variety of characters written into the format string out to a variable handed to the string format perform. The Wi-Fi subsystem in all probability passes the Wi-Fi community title (SSID) unsanitized to some inner library that’s performing string formatting, which in flip causes an arbitrary reminiscence write and buffer overflow. It will result in reminiscence corruption and the iOS watchdog will kill the method, therefore successfully disabling Wi-Fi for the consumer.
We’ve reached out to Apple to see if it’s engaged on a repair, and can replace if we hear again from them. However as 9to5 Mac notes, the bug can doubtless be prevented by not connecting to Wi-Fi networks with p.c symbols of their names.