Recently the mobile security experts at zecOps have discovered a bug in the iPhone last month that intrudes wireless connectivity when it gets connected to an access point with a specific name.
This bug was dubbed as WiFiDemon, and it is a remote code execution vulnerability, and for implementing operation it does not require any kind of user intervention.
Wi-Fi is the key factor for the smartphone, and wifid is a daemon that manages protocol connected with a Wi-Fi connection and it operates as a root.
According to the report, it says that wifid is a very delicate daemon that may guide the whole system to compromise. During the investigation, the security researcher, Carl Schou detected that wifid has an issue of format string while handling SSID.
Before proceeding further, let me justify the above heading, in short, this flaw works even when the screen is off. There is a lot of things that have been found in this bug, and the cybersecurity researchers noted that the bug can be a trigger as a zero-click, and it also has the potential to execute remote code.
The security experts are trying to find another method for exploiting the vulnerability, as per the report, the analysts have used “%@,” which is a format specifier for distribution and formatting targets in Objective-C, which is the programming language for iOS software.
After investigating the whole matter, the analysts came to know that wifid has intriguing logs when it is not linked to any wifi. However, all these logs carry SSID, which intimates that they may be hit by the corresponding format string bug.
The security analysts have tested and confirmed that it has been affected by the same format string bug, which implies that it is a zero-click vulnerability and can be activated without an end-user connecting to a newly named wifi.
Lastly, the researchers have also proposed that until and unless this bug is not getting fixed permanently, avoid joining to any public WiFi networks or any hotspots, as doing so will help you to stay protected from this type of security flaw.
Mitigation:-
However, the WiFi format strings were seen to be a remote code execution, and while joining a malicious SSID the experts have noted it.
Mitigation:-
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…
White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…