Another iOS 6.1 Passcode Bug Discovered


Few days back, a security flaw was discovered which allows anyone to bypass the passcode lock on the iPhone and gain access to the Phone app. It allowed unauthorized access to Contacts, check your voicemail, send text messages, make FaceTime calls and even access your photos (by trying to add a photo to a contact).

Apple has acknowledged the issue and has seeded iOS 6.1.3 beta 2 to developer, which fixes the bug.

However, that may not be the only passcode bug. Folks at Vulnerability Lab CEO Benjamin Kunz Mejri have discovered another passcode lock vulnerability in iOS 6.1, according to a report on Ars Technica.

It seems to be similar the previous one, but is slightly different. Ars Technica explains:

The two start out in a similar way—by following a set of steps that utilizes the Emergency Call function in addition to the lock/sleep button and the screenshot feature. When making an emergency call, an attacker could cancel the call while holding the lock/sleep button in order to access data on the phone.

The difference between the first exploit and this one is how it can make the iPhone screen go black, allowing an attacker to plug the device into a computer via USB and access the user’s data without having their PIN or passcode credentials.

“The vulnerability is located in the main login module of the mobile iOS device (iPhone or iPad) when processing to use the screenshot function in combination with the emergency call and power (standby) button. The vulnerability allows the local attacker to bypass the code lock in iTunes and via USB when a black screen bug occurs,” Mejri wrote. “The vulnerability can be exploited by local attackers with physical device access without privileged iOS account or required user interaction. Successful exploitation of the vulnerability results in unauthorized device access and information disclosure.”

You can check out the video below to see how it can be reproduced:

I don’t know how they find these bugs, but I won’t be surprised if Apple fixes it too. Apple has also fixed two vulnerabilities that were used for the Evasi0n jailbreak, which means that it won’t be possible to jailbreak iOS devices running iOS 6.1.3 when it is released.

It goes without saying that jailbreakers should avoid upgrading to iOS 6.1.3 when it is released and probably a good time to jailbreak your iOS device if you haven’t done so already (You can find the links to our step-by-step jailbreak tutorials here).

Via: Ars Technica

Like this post? Share it!