iPhone Wi-Fi Bug Now Morphs Into Zero-Click Hacking

Security researchers investigating a bug that causes Wi-Fi services on iPhones to crash have discovered that it could be exploited for remote code execution without user interaction.

While security researcher Carl Schou first discovered a vulnerability that caused iPhone devices to lose their Wi-Fi connectivity after joining a network with the SSID “%p%s%s%s%s%n,” researchers at mobile security startup ZecOps explained that there is more to the bug than the reported Wi-Fi denial-of-service (DoS) effect.

The researchers found that the error can be triggered by a zero-click.

ZecOps says the problem is similar to a format-strings bug where the computer considers the input value as a formatting character rather than a character. This attack was dubbed as WiFiDemon.

However, the researchers recommended upgrading the phone to the latest OS version, as well as disabling the auto-join feature in the Wi-Fi settings to protect against WiFiDemon attacks.

Apple’s iOS 14.7 security updates are intended to address the reported issues.

For more information, read the original story in Bleeping Computer.

iPhone Wi-Fi Bug Now Morphs Into Zero-Click Hacking

Top Stories

Apple reportedly taps Google Gemini and Nvidia Blackwell Chips for new Siri

Researchers warn AI coding agents can be manipulated through hidden skill files

Amazon shuts down internal AI leaderboard after employees found ways to game the system

Google CEO pushes back on ‘Google Zero’ fears

Tesla insiders say they wouldn’t trust Full Self-Driving

Meta cuts jobs as it doubles down on AI

Related Articles

New ‘HTTP/2 Bomb’ attack can crash major web servers from a single computer

CISA exposed internal passwords and cloud keys in public repository

Canvas restores service after cyberattack disrupted schools and universities

Security researcher finds extensive tracking and security concerns inside White House mobile app

TND News Desk

TND News Desk

Jim Love