Another day, another flaw affecting smart home devices. This time it’s affecting an entire smart home ecosystem, as it’s been identified that Apple’s HomeKit could potentially let hackers control everything from smart lights to smart locks.
The flaw is currently present in the most recent version of iOS 11.2, and affects the actual HomeKit framework, which has already been implemented by several manufacturers. Apple has already begun rolling out a temporary server-side fix, but it disables a major feature for users.
According to 9to5Mac, the vulnerability is difficult to reproduce but allows unauthorised control of anything that was connected to HomeKit. That includes smart locks and garage door openers, potentially giving users the ability to access a home.
Apple was reportedly notified about the flaw back in October, but failed to fix all the issues in the iOS 11.2 update. Instead, Apple has made some server side changes, while a new iOS update will bring the full fix in the coming weeks.
The changes that have been made has disabled remote access for shared users, although Apple is reassuring users that the functionality will return as soon as the update rolls out.
In a statement, the company noted: “The issue affecting HomeKit users running iOS 11.2 has been fixed. The fix temporarily disables remote access to shared users, which will be restored in a software update early next week.”