An iPhone hotspot vulnerability that Apple hasn’t fixed yet breaks your ability to connect to wireless networks, requiring a factory reset to restore Wi-Fi functionality.
STORY HIGHLIGHTS:
- Certain malformed hotspot names can break iPhone’s Wi-Fi
- A network settings reset restores Wi-Fi connectivity
- Apple has yet to fix this bug in iOS and iPadOS
- Android isn’t hit by the same problem
Why some hotspot names break iPhone’s Wi-Fi
As discovered by security researcher Carl Schou, iOS and iPadOS appear to suffer from an odd wireless network naming issue which can disable your ability to connect to Wi-Fi networks to the point where a network settings reset is the only way to re-enable Wi-Fi functionality.
After joining my personal WiFi with the SSID “%p%s%s%s%s%n”, my iPhone permanently disabled it’s WiFi functionality. Neither rebooting nor changing SSID fixes it :~) pic.twitter.com/2eue90JFu3
— Carl Schou (@vm_call) June 18, 2021
For that reason, iDB advises against connecting to unfamiliar wireless access points that carry unusual symbols in their name, like the percentage sign followed by the characters S and P.
BleepingComputer has discovered that changing a hotspot’s SSID does not fix the issue.
As mentioned, the only way to re-enable Wi-Fi functionality after encountering this bug entails resetting your network settings (which will erase passwords for all saved Wi-Fi networks on the device) by choosing Settings → General → Reset → Reset Network Settings.
Apple did not fix the issue at the time of writing.
You can permanently disable any iOS device's WiFI by hosting a public WiFi named %secretclub%power
Resetting network settings is not guaranteed to restore functionality.#infosec #0day— Carl Schou (@vm_call) July 4, 2021
In one case involving a malformed SSID, resetting network settings wouldn’t re-enable Wi-Fi. According to Schou, he had to edit an iPhone backup file and remove any malicious entries from the known networks list to restore Wi-Fi functionality.
Thanks to @pieceofsummer and @wr3nchsr I now have WiFi again. To restore WiFi functionality, you have to manually edit an iPhone backup and remove malicious entries from the known networks .plist
— Carl Schou (@vm_call) July 4, 2021
As is its wont, Apple hasn’t even publicly acknowledged this software vulnerability. At any rate, the bug seems to be specifically related to iOS because Android at this point does not exhibit the same network naming issue.
→ How to share access to your Wi-Fi network without revealing the password
It’s unclear if malicious actors might be able to further exploit the bug. Apple is known for responding to critical vulnerabilities in a timely manner so here’s hoping it fixes this bug before exploits have a chance to happen.