Apple iPhone: A specific network name can completely disable Wi-Fi

What Happened?

Wi-Fi on an Apple iPhone is disabled once the device connects to an access point with this particular name, which may be readily available and discoverable in public places.

A security researcher has found that a carefully crafted network name causes a bug in the networking stack of iOS and can completely disable your iPhone’s ability to connect to Wi-Fi.

After joining a Wi-Fi network with a specific name (“%p%s%s%s%s%n”), all Wi-Fi functionality on the iPhone was disabled from that point on. Once an iPhone or iPad joins the network with the name “%p%s%s%s%s%n”, the device fails to connect to Wi-Fi networks or use system networking features like AirDrop. The issue persists after rebooting the device.

Cause:

The ‘%[character]’ syntax is commonly used in programming languages to format variables into an output string. In C, the ‘%n’ specifier tells the string format function to store the number of characters written so far into a variable passed to it by pointer.

The Wi-Fi subsystem probably passes the Wi-Fi network name (SSID) unsanitized to some internal library that is performing string formatting, which in turn causes an arbitrary memory write and buffer overflow. This will lead to memory corruption and the iOS watchdog will kill the process, hence effectively disabling Wi-Fi for the user.
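The pattern described above, as an added C example (not Apple's code and not part of the original article): the network name is passed as data to a constant format string, and a helper flags names that a printf-style function would interpret. The function names `format_join_log` and `ssid_has_format_directive` and the log message text are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern (kept as a comment, never compiled):
 *     snprintf(out, outlen, ssid);   // the SSID is used AS the format string
 * Hardened form below: the format is a constant and the SSID is only data.
 * Function names and the message text are hypothetical. */
int format_join_log(char *out, size_t outlen, const char *ssid)
{
    /* Returns the length of the full message, per snprintf. */
    return snprintf(out, outlen, "joining network \"%s\"", ssid);
}

/* Returns 1 if the name contains something a printf-style function would
 * treat as a conversion (for flagging or logging), 0 otherwise. */
int ssid_has_format_directive(const char *ssid)
{
    for (const char *p = ssid; (p = strchr(p, '%')) != NULL; ) {
        p++;                                   /* step past '%' */
        if (*p == '%') { p++; continue; }      /* "%%" is a literal percent */
        /* skip flags, width, precision and length modifiers */
        const char *q = p + strspn(p, "-+ #0123456789.*hlLjzt");
        if (*q != '\0' && strchr("diouxXeEfgGaAcspn", *q))
            return 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample names; the first two are the ones quoted on this page. */
    const char *names[] = { "%p%s%s%s%s%n", "%secretclub%power", "Cafe 100%" };
    char line[96];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        format_join_log(line, sizeof line, names[i]);
        printf("%-40s suspicious=%d\n", line, ssid_has_format_directive(names[i]));
    }
    return 0;
}
```

With the constant format string, both names from this page are copied into the log line as literal text instead of being interpreted.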

How to Fix WiFi after Connecting to ‘%secretclub%power’:

Cyber security experts reported that quick fixes and basic solutions to this problem would not work. These include resetting the network settings, factory-resetting the iPhone, or restarting it.

What would work is a manual edit of an iPhone’s backup, where the user would need to access the “.plist” file and remove the malicious entries from it.

Remediation:

  • Just keep an eye out for any Wi-Fi networks with percent symbols in their name.
  • Reset all network settings and start over. In Settings, go to General -> Reset -> Reset Network Settings. This resets all saved Wi-Fi networks on the iPhone.
  • The best safety precaution is to simply avoid connecting to public Wi-Fi networks that contain percent symbols in their name.
  • Wait for the inevitable software update where Apple will fix the OS bug that is causing the denial of service.