2025-08-20 20:46:57 -04:00

iOS 18.6.2-Persistent-Automation-Exploit-in-Siri-Shortcuts-and-Apple-SWC

This repo documents a vulnerability in Siri Shortcuts and Shared Web Credentials (SWC) in which a malformed Shortcuts payload keeps executing persistently, drives swcd into retry storms, tolerates TLS trust mismatches on those retries, and requests sandbox extensions from system daemons without proper entitlement validation. The behaviour was confirmed on iOS 18.6.2. Because Shortcuts sync through iCloud, propagation to other devices on the same Apple ID is possible, but that was not confirmed. Once imported into the Shortcuts app and attached to an automation, the payload:

  • Executes in the background with no user notification
  • Triggers excessive retry storms in swcd (71 attempts observed)
  • Requests sandbox extensions from system daemons without proper entitlement validation
  • Ignores TLS trust mismatches during repeated requests
  • Persists across device reboot and application relaunch

This was observed live on an iPhone 14 running iOS 18.6.2 in a production environment.

Reproduction (Minimal Case):

  1. Import a malformed .shortcut file into Siri Shortcuts.
  2. Attach it to an automation trigger (e.g., “When app opens” or “At time of day”).
  3. Reboot the device or run the automation manually.
  4. Observe the unified log (Console.app on a paired Mac, or a sysdiagnose) for entries such as:

       [BackgroundShortcutRunner] Ignoring entity property '<private>' because it doesn't have a title.
       [swcd] SWCERR00401 Bad JSON content -- {"cause":"invalid character '<'"}
       [swcd] SWCERR00303 TLS error -- certificate mismatch
       Retries: 71

  The SWCERR00401 line means the body swcd tried to parse as JSON began with '<', i.e. it received something other than the expected JSON document (typically an HTML page). The SWCERR00303 line means the certificate presented did not match, yet the retry count kept climbing instead of the request being abandoned.
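To make step 4 repeatable rather than a manual read of Console output, the following triage helper is added here as an example; it is not part of this repo and not Apple's tooling. It reads exported unified-log text in the format of the excerpt above and flags the conditions this report describes: a retry storm, a TLS certificate mismatch that did not stop the retries, a non-JSON body, and background Shortcuts activity. The sample lines are constructed to mirror the excerpt (with the swcd errors repeated, as they would be in a real capture), and the retry threshold, process names and function names are my own assumptions.

```python
import re
import sys
from collections import Counter, defaultdict

# Constructed sample, modelled on the log excerpt in this README. It is not a
# real capture from the affected device; the two swcd errors are repeated to
# mimic what a retry loop leaves behind.
SAMPLE_LOG = """\
[BackgroundShortcutRunner] Ignoring entity property '<private>' because it doesn't have a title.
[swcd] SWCERR00401 Bad JSON content -- {"cause":"invalid character '<'"}
[swcd] SWCERR00303 TLS error -- certificate mismatch
[swcd] SWCERR00401 Bad JSON content -- {"cause":"invalid character '<'"}
[swcd] SWCERR00303 TLS error -- certificate mismatch
Retries: 71
[BackgroundShortcutRunner] Finished running automation
"""

# "[process] message" lines, SWCERRnnnnn codes inside a message, and the bare
# "Retries: N" summary line seen in the excerpt.
LINE_RE = re.compile(r"^\[(?P<proc>[^\]]+)\]\s+(?P<msg>.*)$")
SWCERR_RE = re.compile(r"\b(SWCERR\d{5})\b")
RETRIES_RE = re.compile(r"^Retries:\s*(\d+)\s*$")

# Hypothetical threshold chosen for this example, not a value from Apple or
# from the README; 71 retries in the excerpt is far above it.
RETRY_STORM_THRESHOLD = 10


def parse_log(text):
    """Return (lines per process, SWCERR codes per process, highest Retries: value)."""
    lines_by_proc = Counter()
    codes_by_proc = defaultdict(Counter)
    max_retries = 0
    for raw in text.splitlines():
        line = raw.strip()
        m = RETRIES_RE.match(line)
        if m:
            max_retries = max(max_retries, int(m.group(1)))
            continue
        m = LINE_RE.match(line)
        if not m:
            continue  # unrelated or unparseable line
        proc, msg = m.group("proc"), m.group("msg")
        lines_by_proc[proc] += 1
        for code in SWCERR_RE.findall(msg):
            codes_by_proc[proc][code] += 1
    return lines_by_proc, codes_by_proc, max_retries


def triage(text, retry_threshold=RETRY_STORM_THRESHOLD):
    """Summarise a log export and list the conditions the report describes."""
    lines_by_proc, codes_by_proc, max_retries = parse_log(text)
    swcd = codes_by_proc.get("swcd", Counter())  # Counter returns 0 for absent codes
    findings = []
    if max_retries >= retry_threshold:
        findings.append(f"retry_storm:{max_retries}")
    if swcd["SWCERR00401"]:
        # Body began with '<' (or similar): not the JSON document swcd expected.
        findings.append("non_json_body")
    if swcd["SWCERR00303"]:
        findings.append("tls_mismatch")
        if max_retries > 0:
            # The report's point: a trust failure did not stop the retries.
            findings.append("retries_continued_after_tls_error")
    if lines_by_proc["BackgroundShortcutRunner"]:
        findings.append("background_shortcut_activity")
    return {
        "max_retries": max_retries,
        "swcd_errors": dict(swcd),
        "findings": findings,
    }


if __name__ == "__main__":
    # Usage: python triage.py exported.log   (falls back to the constructed sample)
    text = open(sys.argv[1], encoding="utf-8", errors="replace").read() if len(sys.argv) > 1 else SAMPLE_LOG
    result = triage(text)
    print(f"max retries: {result['max_retries']}")
    print(f"swcd errors: {result['swcd_errors']}")
    for f in result["findings"]:
        print(f"FINDING {f}")
```

Run it against a `log show` or sysdiagnose export filtered to swcd and BackgroundShortcutRunner; an empty findings list on a clean device and a non-empty one after importing the payload is the check that the behaviour reproduced, independent of eyeballing Console.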

Impact:

  • Persistent background execution without user awareness
  • Denial of service through repeated retries
  • Sandbox enforcement bypass attempts via unauthorized daemon extension requests
  • TLS trust degradation due to certificate mismatch tolerance

Environment:

  • Device: iPhone 14
  • OS: iOS 18.6.2
  • State: Production, live system
