An exploit has been discovered whereby anyone can bypass the Apple iOS 13 lockscreen and access a user’s address book without entering their passcode.
The iOS 13 is set to be released by Apple next week, however security researcher Jose Rodriguez was testing the beta version of iOS 13 and discovered the exploit.
In a video he demonstrates how specific conditions are needed in order for the expolit to work. The conditions include receiving a call and opting to respond with a message, which the “to” field can be changed by a voice command, thus resulting in the field pulling up the owner’s contact list.
This then allows anyone to crawl through a user’s address book, which although may not be seen as a critical vulnerability, it is most definitely an invasion of privacy.
As iOS 13 has entered the “Golden Master” stage, it will still be planned for a universal roll out on September 19 with the bug. However Apple will release the bug-fixing version 13.1 by the end of the month.
Last year Rodriguez also discovered a lockscreen exploit for iOS 12.1, which involved activating a Facetime call and then accessing a Facetime feature to see access all information.
Victoria Guiloit, Partner at Privacy Culture Ltd commented:
“It’s a complex attack methodology that requires the attacker to have physical access to the iPhone and then call or FaceTime it.
“Mitigation is to keep hold of your device, and then go into Face ID & Passcode settings > Allow access when locked and toggle off the Reply with Message option. That feature is reportedly enabled by default in iOS 13.
“Regardless of the complexity of the attack methodology it begs the question around how much Apple care about Privacy vs Security. Be interesting to see if Apple respond. I can’t see anything about it.”