A passcode bypass flaw in iOS 13 allows access to victim’s phone book from the lockscreen mode. Read on to know more…
A passcode bypass flaw has been discovered in iOS 13, which is scheduled to go live next week. A passcode bypass is a vulnerability that allows access to the content on a device without proper authorization. This vulnerability allows the attacker access to the victim’s phone book, including contact names and email addresses.
Spanish security researcher José Rodríguez recently posted a YouTube video of his most recent iOS lock-screen bypass — one that allows an iPhone to be tricked into showing its address book without the need to unlock the screen. He reported the vulnerability that allows hackers to harvest contact details from the victim’s phonebook on locked devices. This vulnerability exists in the beta version of iOS 13.
The reported security vulnerability can be exploited through a series of harmless steps, performed in the following order.
1. Reply to an incoming call with a custom message.
2. Enable the VoiceOver feature.
3. Disable the VoiceOver feature.
4. Add a new contact to the custom message.
5. Click on the contacts image to open options menu and select ‘Add to existing contact’.
6. When the list of contacts appears, tap on the other contact to view its info.
This gives the hacker access to the victim’s entire phone book details. However, to exploit this hack, the iOS device needs to support Siri for the VoiceOver feature and the hacker needs access to the iOS based device.
For the record, this is not a terribly serious bug. To exploit it, attackers have to get their hands on a victim’s device, and then they need to call it from another phone. And also, the lockscreen workaround was found in a beta, which doesn’t really count as much as would a bug in a live product. That’s apparently why Apple reportedly reneged on its initial promise to pay Rodríguez the “gift” that he asked for. It’s also reportedly pretty easy to prevent: as a reader tweeted after The Register posted its story, you just need to go to Face ID & Passcode settings > Allow access when locked and toggle off the Reply with Message option. That feature is reportedly enabled by default in iOS 13.
This vulnerability, present in the Gold Master version of iOS 13 has been confirmed by The Verge. The security vulnerability was reported by Rodriguez on July 17th, but Apple is yet to patch it. He then made the details of the vulnerability live on September 11. Rodriguez observed that the vulnerability does not exist in iOS 13.1, which is expected to go live on September 30. Apple is planning to release iOS 13 on September 19, and it is not clear if this vulnerability will be fixed by then.