Cocoamqtt · Cocoamqtt · CVE-2026-30867
Name of the Vulnerable Software and Affected Versions
CocoaMQTT versions prior to 2.2.2
Description
A flaw exists in the packet parsing logic of CocoaMQTT (versions prior to 2.2.2) that allows a remote attacker able to publish to a topic the client subscribes to, or a compromised or malicious MQTT broker, to crash iOS, macOS and tvOS applications that use the library. Publishing a 4-byte malformed payload to a shared topic with the RETAIN flag set causes the broker to persist that payload as the topic's retained message. Whenever a vulnerable client connects and subscribes to the topic, the broker delivers the malformed packet and the application crashes while parsing it. Because a retained message is redelivered to every new subscriber, the denial of service persists across reconnects and reinstalls until the retained message is removed from the broker's store.
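The following Python is an added illustration written for this page, not CocoaMQTT's code and not part of the advisory. It models the MQTT 3.1.1 mechanics the description relies on: framing a PUBLISH packet with the RETAIN bit set, a broker-side retained-message table that hands the stored packet to each new subscriber, the zero-length retained publish that clears it, and a length-checked PUBLISH parser of the kind a client should use so that a short or inconsistent packet is rejected instead of crashing the process. The topic name `shared/status` and the 4-byte payload `00 01 02 03` are constructed placeholders; the advisory does not disclose the bytes that trigger the crash, and the parser here is not the vulnerable CocoaMQTT code.

```python
"""MQTT 3.1.1 PUBLISH framing, retained-message handling and a length-checked
parser. Constructed example for this advisory page; not CocoaMQTT's code."""
from __future__ import annotations

import struct
from typing import Optional

PUBLISH = 3  # control packet type for PUBLISH (high nibble of the first byte)


def encode_remaining_length(n: int) -> bytes:
    """Encode the variable-length Remaining Length field (1 to 4 bytes)."""
    if not 0 <= n <= 268_435_455:
        raise ValueError("remaining length out of range")
    out = bytearray()
    while True:
        byte, n = n % 128, n // 128
        if n > 0:
            byte |= 0x80  # continuation bit
        out.append(byte)
        if n == 0:
            return bytes(out)


def decode_remaining_length(buf: bytes, offset: int) -> tuple[int, int]:
    """Decode Remaining Length at buf[offset]; return (value, offset after it)."""
    value, multiplier = 0, 1
    for i in range(4):
        if offset + i >= len(buf):
            raise ValueError("truncated remaining length")
        byte = buf[offset + i]
        value += (byte & 0x7F) * multiplier
        if not byte & 0x80:
            return value, offset + i + 1
        multiplier *= 128
    raise ValueError("malformed remaining length (more than 4 bytes)")


def build_publish(topic: str, payload: bytes, retain: bool, qos: int = 0,
                  packet_id: Optional[int] = None) -> bytes:
    """Build a PUBLISH packet; QoS 0 carries no packet identifier."""
    first = (PUBLISH << 4) | (qos << 1) | int(retain)
    topic_bytes = topic.encode("utf-8")
    body = struct.pack("!H", len(topic_bytes)) + topic_bytes
    if qos > 0:
        if packet_id is None:
            raise ValueError("QoS > 0 requires a packet identifier")
        body += struct.pack("!H", packet_id)
    body += payload
    return bytes([first]) + encode_remaining_length(len(body)) + body


def parse_publish(packet: bytes) -> dict:
    """Parse a PUBLISH packet, validating every length field against the buffer
    before slicing so a truncated or inconsistent packet raises ValueError."""
    if not packet or packet[0] >> 4 != PUBLISH:
        raise ValueError("not a PUBLISH packet")
    retain, qos = bool(packet[0] & 0x01), (packet[0] >> 1) & 0x03
    if qos == 3:
        raise ValueError("invalid QoS")
    remaining, pos = decode_remaining_length(packet, 1)
    if pos + remaining != len(packet):
        raise ValueError("remaining length does not match packet size")
    if remaining < 2:
        raise ValueError("missing topic length")
    topic_len = struct.unpack_from("!H", packet, pos)[0]
    pos += 2
    if pos + topic_len > len(packet):
        raise ValueError("topic length exceeds packet")
    topic = packet[pos:pos + topic_len].decode("utf-8")
    pos += topic_len
    packet_id = None
    if qos > 0:
        if pos + 2 > len(packet):
            raise ValueError("missing packet identifier")
        packet_id = struct.unpack_from("!H", packet, pos)[0]
        pos += 2
    return {"topic": topic, "qos": qos, "retain": retain,
            "packet_id": packet_id, "payload": packet[pos:]}


class RetainedStore:
    """Minimal model of a broker's retained-message table (MQTT 3.1.1, 3.3.1.3)."""

    def __init__(self) -> None:
        self._retained: dict[str, bytes] = {}

    def on_publish(self, packet: bytes) -> None:
        msg = parse_publish(packet)
        if not msg["retain"]:
            return
        if len(msg["payload"]) == 0:
            self._retained.pop(msg["topic"], None)  # zero-length retained publish clears it
        else:
            self._retained[msg["topic"]] = msg["payload"]

    def on_subscribe(self, topic: str) -> Optional[bytes]:
        """Packet a new subscriber receives for an exact topic match, if any."""
        payload = self._retained.get(topic)
        return None if payload is None else build_publish(topic, payload, retain=True)


def demo() -> dict:
    store = RetainedStore()
    topic = "shared/status"  # constructed topic name
    # Constructed 4-byte placeholder; the advisory does not disclose the real trigger bytes.
    store.on_publish(build_publish(topic, b"\x00\x01\x02\x03", retain=True))
    delivered = store.on_subscribe(topic)  # redelivered to every new subscriber
    store.on_publish(build_publish(topic, b"", retain=True))  # operator clears it
    return {"delivered": delivered, "cleared": store.on_subscribe(topic)}
```

Run `demo()` to see the retained packet every new subscriber would receive and confirm that a zero-length retained publish to the same topic removes it. The parser rejects packets whose Remaining Length or topic length does not fit the buffer, which is the class of consistency check that keeps a single malformed packet from taking down the whole application.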
Recommendations
Update CocoaMQTT to version 2.2.2 or later. Updating the client stops the crash but does not remove the malformed retained message from the broker; an operator with publish rights to the affected topic can clear it by publishing a zero-length payload with the RETAIN flag set to that topic (standard MQTT 3.1.1 behaviour), or by deleting it from the broker's persistence store. Restricting which clients may publish to shared topics through broker ACLs limits who can plant such a message in the first place.