Apple iOS Passcode Lock Security Bypass Multiple Vulnerabilities

Last Update Date: 24 Oct 2013 10:28 Release Date: 24 Oct 2013 3798 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

Multiple vulnerabilities have been identified in Apple iOS, which can be exploited by malicious people with physical access to bypass certain security restrictions.

  1. A NULL pointer dereference error related to the emergency call button and the camera pane within the lock screen of the Passcode Lock component can be exploited to gain access to certain otherwise restricted functionality and e.g. call an arbitrary number.
  2. An error within the Passcode Lock component can be exploited to gain access to the lock screen after having been disabled due to incorrect passcode attempts.
  3. A race condition error in the Passcode Lock component can be exploited to gain access to the contact pane and e.g. call an arbitrary number from the contacts pane.

Impact

  • Security Restriction Bypass

System / Technologies affected

  • Versions prior to 7.0.3 running on iPhone 4 and later

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 7.0.3.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Apple OS X and OS X Server Multiple Vulnerabilities

24 Oct 2013 3842 Views

Next

Cisco IOS XR Fragmented Packet Processing Vulnerability

24 Oct 2013 3790 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY