iOS 13 exploit allows you to bypass lockscreen, patch on the way

The exploit requires FaceTime, Siri and voiceover to access information like contacts

Ahead of the upcoming release of iOS 13, a security researcher has uncovered a bug that allows you to bypass the iPhone’s lockscreen.

Jose Rodriguez discovered the exploit and told The Verge that he informed Apple about it on July 17th. However, the exploit is still present in the Gold Master (GM) version of iOS 13 set for release on September 19th.

The exploit allows people to bypass the lockscreen and gain access to contact information stored on an iPhone.

It works similarly to another bypass Rodriquez discovered in iOS 12.1. Both involve a convoluted process of activating a FaceTime call, accessing Siri to enable the voiceover feature and then getting into the contact list. From there, someone could access email address, phone numbers, address information and more.

However, unlike the iOS 12.1 exploit, this one only allows access to contacts and not to photos.

Regardless, for someone to actually pull off the exploit, they would need physical access to your iPhone and enough time to initiate a FaceTime call and enable voiceover.

Thankfully, Rodriguez says it appears iOS 13.1 will bring a fix, as the exploit isn’t present in the betas. Apple said iOS 13.1 would release on September 30th.

Source: Jose Rodriguez Via: The Verge