A new bug in iOS may cause the Wi-Fi functionality of the iPhone or iPad to stop working when connecting to a hotspot or SSID with a very unusual name.
You will no longer be able to connect to other hotspots, and restarting your iDevice will not fix the problem. However, there is a way out of this hole without having to completely factory reset the iPhone or iPad.
"After joining my personal WiFi with SSID "%p%s%s%s%s%s%n" my iPhone permanently disabled its WiFi function," Danish hacker Carl Schou wrote on Twitter on Friday (June 18). "Rebooting and changing the SSID didn't fix it :~)"
When Schou tried to manually turn Wi-Fi on again, the iPhone immediately turned it off.
Schou told Bleeping Computer that he discovered this flaw on an iPhone XS running iOS 14.4.2. The site reproduced the flaw on iPhones running iOS 14.6, the latest version of Apple's mobile operating system; Android phones do not appear to be affected.
"In some tests, connection to the SSID fails, but we could no longer access our regular wireless network," writes Ax Sharma of Bleeping Computer. "Other tests led to the behavior described by Schou, where the iPhone's Wi-Fi settings would be disabled, and we could no longer enable it again."
Malicious actors can weaponize this flaw by setting up passcode-less hotspots in public places and attempting to get data-hungry iPhones and iPads with Wi-Fi turned on to connect there. Once connected to the hotspot, Wi-Fi functionality will be disabled until the user takes corrective action.
Schou was at a loss as to how to restore Wi-Fi functionality without having to factory reset the iPhone, but fortunately another Twitter user told him there was a simple solution.
All you need to do is go into "Settings," select "General," and go to "Reset." Do not "Reset all settings" or "Clear all content and settings." Instead, scroll down a bit and tap "Reset Network Settings."
Your iPhone or iPad will then restart normally and you will be able to reconnect to other Wi-Fi hotspots, but you may need to manually enter the hotspot password.
Chinese iPhone hacker ChiChou, aka CodeColorist, dissected the flaw and put up a blog post explaining that it was a format string bug, something "rarely seen now."
According to Bleeping Computer, iOS seems to be interpreting the "%n" string in the SSID name as a format specifier in the C programming language, rather than just as plain text.
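The bug class described above, shown as an added illustration in C (not Apple's code and not taken from the cited blog post): the unsafe pattern uses untrusted text as the format string, while the hardened one passes it as data to a constant format. The function names and the audit helper are hypothetical, and the sample SSID is the one quoted in the article.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample input: the SSID quoted in the article. */
static const char SAMPLE_SSID[] = "%p%s%s%s%s%s%n";

#if 0
/* VULNERABLE pattern, kept out of the build: the SSID is used as the format
 * string, so the printf family parses %p/%s/%n and reads (or, for %n,
 * writes) through arguments that were never passed. */
void log_join_vulnerable(const char *ssid) { printf(ssid); }
#endif

/* Hardened form: constant format string, SSID passed only as data. */
int log_join_safe(char *out, size_t cap, const char *ssid) {
    return snprintf(out, cap, "joining network \"%s\"", ssid);
}

/* Audit helper: count printf-style conversions in untrusted text.
 * "%%" is a literal percent sign and is not counted.
 * *has_n is set when a %n (write-to-memory) conversion is present. */
int count_conversions(const char *s, int *has_n) {
    int count = 0;
    *has_n = 0;
    for (size_t i = 0; s[i] != '\0'; i++) {
        if (s[i] != '%') continue;
        i++;
        if (s[i] == '%') continue;             /* escaped percent */
        /* skip flags, width, precision and length modifiers */
        while (s[i] != '\0' && strchr("-+ #0123456789.*hlqjzLt", s[i])) i++;
        if (s[i] == '\0') break;               /* dangling '%' at end */
        if (s[i] == 'n') *has_n = 1;
        count++;
    }
    return count;
}

int main(void) {
    char line[128];
    int has_n;
    int n = count_conversions(SAMPLE_SSID, &has_n);
    log_join_safe(line, sizeof line, SAMPLE_SSID);
    printf("%s (conversions=%d, has %%n=%d)\n", line, n, has_n);
    return 0;
}
```

Compilers flag the unsafe pattern with `-Wformat-security` (GCC and Clang), which is a cheap check to enable on any code that logs externally supplied names.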
"%p%s%s%s%s%n" is not a normal Wi-Fi network name, to say the least. Schou told Bleeping Computer, "All of my devices have format strings in their names to deal with less developed devices."