Security researcher Trevor Spiniolas talks about HomeKit vulnerability Told Is. Apple was informed about this on August 10 last year. The researcher has explained that the attacker can take advantage of this bug. It can cause freezing and crashing cycles by connecting a user’s iPhone or iPad to a HomeKit device. It is said that due to this problem, iOS device stops responding after reading the device name. The researchers also found that Apple stores the names of connected HomeKit devices in iCloud, so this problem persists.
The researcher said that after restoring the device, even if the user signs-in to the previously used iCloud, the Home app will not be able to be used. Spiniolas has made a video to explain how this bug shows its effect even after restoring the iPhone.
To avoid this vulnerability, users can reject random invitations from HomeKit devices on their iPhone and iPad. Users who are already using a smart home device can disable the Show Home Controls setting by going to the Control Center.
The users who have been targeted have also been advised by the researcher. Accordingly, users can restore their device to resolve the issue. Also, you can set it up as normal without signing up to your iCloud account. Spiniolas said it notified Apple about the bug in August last year, but the company is yet to fix it.