Apple has rolled out security updates to address dozens of iOS and macOS vulnerabilities, including a severe iOS bug dubbed WiFiDemon that could lead to denial of service or arbitrary code execution.
The vulnerability, tracked as CVE-2021-30800 and a zero-day bug when security researcher Carl Schou publicly disclosed it, was fixed by Apple with the release of iOS 14.7 earlier this week.
Successful exploitation would make it possible to break an iPhone’s Wi-Fi functionality on joining hotspots with SSIDs containing the “%” character (i.e., %p%s%s%s%s%n).
Once triggered on a vulnerable iPhone, iPad, or iPod, the bug would render it unable to establish Wi-Fi connections, even after rebooting or renaming the Wi-Fi hotspot.
Fixing the Wi-Fi breaking issue requires resetting network settings to remove the names of all Wi-Fi networks, including the rogue ones, from the lists of known SSIDs.