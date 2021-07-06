#BugAlert: Percentage symbols in network names could brick iPhone's WiFi

Written by Chandraveer Mathur Mail Last updated on Jul 06, 2021, 06:51 pm

Beware! Percentage symbols in public WiFi network names could brick your iPhone’s WiFi

Last month, a zero-day vulnerability for iPhones was unearthed by Denmark-based security researcher Carl Schou. He tweeted that his iPhone's WiFi functionality was permanently disabled after joining a specific network. In a recent development, he revealed that some wireless network names (called SSIDs) can permanently brick the iPhone's WiFi with no known method to reverse the damage. Here's how to keep your iPhone safe.

AirDrop doesn’t work

Researcher first unearthed the WiFi-related vulnerability in June

Late in June, Schou discovered that joining a WiFi network with an SSID (Service Set Identifier) containing many "%" symbols instantly disabled all WiFi functionality on the iPhone. After connecting to a public network with SSID "%p%s%s%s%s%n" Schou's device failed to connect to any other WiFi network and internet-based features like AirDrop also didn't work. The issue was observed on iPads as well.

Reason

Resetting network settings doesn't help undo the damage

On July 4, Schou tweeted that another public WiFi SSID "%secretclub%power" also had the same effect where the iPhone's WiFi was permanently disabled. Resetting the network settings didn't restore connectivity. 9to5Mac's possible explanation suggests that the WiFi subsystem passes the SSID unsanitized to an internal iOS library that performs string formatting, which in turn uses an arbitrary memory to write and buffer overflow.

Possible explanation?

Can unfiltered WiFi SSIDs cause memory corruption on iPhones?

The above explanation ties into the fact that the "%[character]" syntax is used for format specifiers in programming languages. 9to5Mac's explanation suggests that the WiFi name could cause memory corruption on the iPhone, so the iOS watchdog kills the process, disabling WiFi for the user in the process. This also seems to explain why resetting the network settings did not fix the problem.

Remedial measures

Some Redditors claim to have escaped unscathed from this vulnerability

Surprisingly though, this problem won't brick WiFi on all iPhones. Some Reddit users managed to return to safety with an ordinary error message. So far, Apple has not commented on this vulnerability. Until a proper fix is released, we would strongly advise you to steer clear of WiFi networks that have percentage symbols in their name.