Security researcher found that certain WiFi networks with the percent symbol in their names can cause Wi-Fi to be disabled on iPhones and other iOS devices. Carl Schou tweeted that an iPhone within the range of a network called %secretclub%power will not be able use Wi-Fi and any related features. Even after setting up network settings, the bug could still make Wi-Fi unusable.Hosting a public WiFi called %secretclub%power can permanently disable an iOS device's WiFI.Resetting network settings does not guarantee functionality. #infosec #0day Carl Schou, @vm_call July 4, 2021Schou and Secret Club, a not-for-profit organization that reverse-engineers software, discovered that if an iPhone was connected to a network with SSiD name %p%s%s%s%n, it would cause a bug within iOS networking stack. This would disable the iPhone's Wi-Fi and render system networking features such as AirDrop inoperable.9to5 Mac suggested a possible explanation:The %[character] syntax can be used to format variables into an out string in programming languages. The %n specifier in C means to save the number characters that were written to the format string to a variable passed the string format function. The Wi-Fi subsystem likely passes the Wi-Fi network (SSID), unsanitized to an internal library that performs string formatting. This causes an arbitrary buffer write and buffer overflow. This will cause memory corruption, and the iOS watchdog will stop the process. It will effectively disable Wi-Fi for the user.We reached out to Apple for assistance. If they respond, we will keep you posted. The bug can be avoided, as 9to5 Mac points out.
