iOS 12.1 Lockscreen Bypass Found, Lets Anyone Access Your Contacts Without a Passcode

Share on Facebook Tweet Share Reddit Comment
iOS 12.1 Lockscreen Bypass Found, Lets Anyone Access Your Contacts Without a Passcode

The flaw in iOS 12.1 will give access to phone numbers, email addresses, and other contact information

Highlights

  • iOS 12.1 was released this week
  • The flaw has been posted on YouTube
  • Apple has not issued a fix yet

Apple just released the latest iOS 12.1 mobile operating system for compatible iPhone, iPad, and iPod touch models globally. This update offers certain new features including Group FaceTime, Depth Control, several new emoji, and performance management tweaks. However, hours after the release, a lockscreen bypass was found - which could allow anyone to access the entire contact list without entering in the lock screen password. A fix for the flaw has not been issued by Apple yet.

Soon after the release of iOS 12.1, a video was posted to YouTube that shows how the lockscreen can be bypassed to access the contact list. According to the video, the an attacker can make a call using Siri on the lock screen, convert it into a FaceTime call, and gain access into the Contacts list on the iPhone. This includes visibility of complete numbers, messaging app usernames, designations, company details, and email addresses (official and personal). The video also shows the user switching on Airplane Mode on the phone to enable unlimited access to the contact list. This is because the FaceTime call would not be able to connect without any network in such a situation. We were able to independently verify that the bypass indeed works, on our iPhone X running iOS 12.1.

Another bug earlier this month plagued certain Apple Watch Series 4 users in Australia. The change to Daylight Savings Time (DST) in the country resulted in reboot loops for the smartwatch rendering it useless for several users. This bug was due to the Daylight Savings Time flaw in the new Infograph Activity complication.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

Further reading: Apple, iOS 12.1, iOS, iPhone
Google Now Requires JavaScript Enabled to Let Users Sign-In; More Security Features Announced
Samsung to Compensate Ill Workers at Plants After Mediator's Proposal
 
 

Advertisement

 

Advertisement