Apple iOS Passcode Lock Security Bypass Multiple Vulnerabilities
Last Update Date:
24 Oct 2013 10:28
Release Date:
24 Oct 2013
3948
Views
RISK: Medium Risk
TYPE: Operating Systems - Mobile & Apps
Multiple vulnerabilities have been identified in Apple iOS, which can be exploited by malicious people with physical access to bypass certain security restrictions.
- A NULL pointer dereference error related to the emergency call button and the camera pane within the lock screen of the Passcode Lock component can be exploited to gain access to certain otherwise restricted functionality and e.g. call an arbitrary number.
- An error within the Passcode Lock component can be exploited to gain access to the lock screen after having been disabled due to incorrect passcode attempts.
- A race condition error in the Passcode Lock component can be exploited to gain access to the contact pane and e.g. call an arbitrary number from the contacts pane.
Impact
- Security Restriction Bypass
System / Technologies affected
- Versions prior to 7.0.3 running on iPhone 4 and later
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 7.0.3.
Vulnerability Identifier
Source
Related Link
Share with