Apple iOS 11.2 HomeKit Exploit Left Smart Home Locks And Garage Door Openers Vulnerable

It has been a rough few weeks for Apple with regard to its major software platforms. The latest black mark against the company comes in the form of a zero-day vulnerability that was discovered in Apple's HomeKit implementation in iOS 11.2.

The vulnerability was first brought to light by 9to5Mac, and is reportedly highly difficult to reproduce. Nonetheless, it allows an unauthorized user to gain control of smart home devices connected via HomeKit. Given that the connected accessories compatible with HomeKit extend to security cameras, smart locks, garage door openers and thermostats, the potential for abuse cannot be taken lightly.

9to5Mac has been careful not to describe in great detail the mechanics behind the vulnerability, but it does explain:

The issue was not with smart home products individually but instead with the HomeKit framework itself that connects products from various companies.

For now, Apple has applied a server-side fix that closes the vulnerability, but it has the side effect of breaking some HomeKit functionality. Apple has confirmed, however, that an iOS 11.2 update arriving next week will restore any broken functionality.

Apple came under fire in late November after a password exploit that allowed anyone to bypass administrator authentication to log in to a Mac running macOS 10.13 High Sierra. Apple quickly issued a fix for the exploit, but it embarrassingly broke file sharing for many users as a result. To make matters worse, users on earlier versions of macOS High Sierra who had applied the security patch and then later upgraded to High Sierra 10.13.1 saw the effects of the patch erased.

Brandon Hill


Opinions and content posted by HotHardware contributors are their own.