How To Prevent Your Apple Device From DoorLock Vulnerability?

What Is Apple HomeKit?

What Is DoorLock Vulnerability?

According To Trevor Spiniolas, The Security Researcher Who Publicly Disclosed The Vulnerability.

  1. “If the bug is triggered on a version of iOS without the limit and the device shares HomeKit data with a device on an iOS version with the limit, both will be still be affected.
  2. If a user does not have any Home devices added, the bug can still be triggered by accepting an invitation to a Home that contains a HomeKit device with a large string as its name.
  3. The bug can also be triggered on versions without the length limit by simply copying a large string of text and pasting it when manually renaming a Home device, although the Home app may crash when doing so”

Apple iOS Versions Affected With DoorLock Vulnerability:

How To Prevent Apple Devices From DoorLock Vulnerability?

  1. Turn off the HomeKit devices in the control center until Apple releases a fix for DoorLock Vulnerability.
  2. Don’t accept illegit suspicious invitations from unknown or untrusted sources over email.
  3. If you are victimized by the attack, follow these three steps to restore your data from the iCloud:
  1. Launch Control Center settings:




We are here to create awareness about cyber security.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Mystery of the Ancients: Trübe Wasser Hack Free Resources Generator

A new data privacy bill lets Coloradans decide if companies can collect their information

My First Bug Bounty Reward

{UPDATE} Firefighter Truck Simulator 3D Hack Free Resources Generator

Airdrop Alert: Airdrop of 100,000,000 QYU tokens Total Reward: $42,000,000 worth of QYU

{UPDATE} Jigsaw Photo Puzzle Deluxe Hack Free Resources Generator

PancakeBunny Security Bulletin


Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


We are here to create awareness about cyber security.

More from Medium

How To Detect And Fix CVE-2021–24867- Backdoor In AccessPress Themes And Plugins

PortSwigger Lab: Web shell upload via Content-Type restriction bypass | WalkThrough

Sublist3r: Enumerate subdomains of websites using OSINT

OpenVPN with kill-switch and block leaky DNS in Ubuntu 20.04