Apple iOS vulnerable to HomeKit ‘doorLock’ denial of service bug

A novel persistent denial of service vulnerability named ‘doorLock’ was discovered in Apple HomeKit, affecting iOS 14.7 through 15.2.

Apple HomeKit is a software framework that lets iPhone and iPad users control smart home appliances from their devices.

According to Trevor Spiniolas, the security researcher who publicly disclosed the details, Apple has known about the flaw since August 10, 2021. Yet, despite the repeated promises to fix it, the researcher says Apple has continually pushed the security update further, and it remains unresolved.

I believe this bug is being handled inappropriately as it poses a serious risk to users and many months have passed without a comprehensive fix. The public should be aware of this vulnerability and how to prevent it from being exploited, rather than being kept in the dark.

Spinolas

Full article

Scroll to Top