Apple has fixed a security flaw in its connected home app, HomeKit, which could have been exploited to enable unauthorised control of connected smart accessories.
The flaw is present in the current version of iOS 11.2 and was demonstrated to 9to5Mac. The fix will be rolled out next week.
According to 9to5Mac's source, the vulnerability was difficult to reproduce, but allowed unauthorised control of HomeKit-connected accessories including smart lights, thermostats, and plugs.
Although the flaw didn't concern connected smart home products, instead it was to do with the HomeKit framework itself that helps to connect the different products from various smart device makers.
Since making Apple aware of the bug, the firm has rolled out a server-side fix that now prevents unauthorised access from occurring while limiting some functionality. Apple said an update to iOS 11.2 will be coming next week and this will restore that full functionality.
"The issue affecting HomeKit users running iOS 11.2 has been fixed. The fix temporarily disables remote access to shared users, which will be restored in a software update early next week," Apple said in a statement to 9to5Mac.
The news of the HomeKit bug fix comes just a week after Apple issued a fix for the 'devastating' MacOS High Sierra bug that allowed anyone to gain root access without a password.
The fix arrived as 'Security Update 2017-001', and is available to download from the Mac App Store, promising to plug the easy-to-exploit flaw.
In a statement, the firm said: "Security is a top priority for every Apple product, and regrettably we stumbled with this release of MacOS.
"When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole.
The flaw let anyone gain admin rights on a MacOS machine by typing "root" as the username in the authentication dialogue box, leaving the password fielding blank and clicking on the "unlock" button twice.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago