A new iOS bug has been discovered that completely blocks the Wi-Fi on iPhones if it joins a network with a very specific network name. The problem will force the user to have to reset the network settings of their phone. The flaw can be ‘exploited’ in a very simple way.
If an iPhone connects to a Wi-Fi network with SSID — “%p%s%s%s%s%n“, the Wi-Fi functionality of the iPhone is permanently disabled. Even a reboot or a subsequent renaming did not help. The bug was discovered by Carl Schou, a security expert, who has chosen to make it public on his social networks.
According to the researcher, the problem affects iOS 14.4.2, with Bleeping Computer indicating that devices with the current iOS 14.6 are also affected.
In the C programming language, this character string has a very specific meaning. The character strings %p,%s or %n actually serve as parameters for the basic function printf(). This may cause it to be interpreted as a command or variable by the operating system and not as a name of a Wi-Fi network — thus creating the vulnerability in the iPhone. That’s why resetting the device’s network settings fixes it, as this removes all the names of all the wireless networks saved on the iPhone.
Presumably, Apple will fix the problem in an update. Until then, the connection to SSIDs with the above character string should be avoided if possible.
