iOS Zero-Day Vulnerability in HomeKit Application Allowed Remotely Access.
The Vulnerability allows unauthorized control of smart locks, smart lights, thermostats, garage doors and other accessories. Apple has issued a fix to a vulnerability that allowed unauthorized control of accessories, including smart locks and garage door openers.
The version 11.2 is the latest version of iOS. The vulnerability affects iPhones and iPads running on iOS 11.2 version, but earlier version of iOS are not affected.
The Vulnerability is currently under fix process. Apple shared this statement with 9to5Mac regarding the issue:
“The issue affecting HomeKit users running iOS 11.2 has been fixed. The fix temporarily disables remote access to shared users, which will be restored in a software update early next week.”
Its not necessary that the vulnerability affect on only HomeKit products, here question is arise that how should we can trust these types of Apps.
Last we have reported Apple issued with its MacOS High Sierra Bug Lets You Hack Any Mac, Mac Vulnerability, where user can access Mac with ‘root’ username and Blank password. Apple have released the security Fix within 24 hours.