Apple plans to release iOS 13 on September 19th, and it’s no surprise that the upcoming release includes many fascinating features.
But it appears that the new iOS 13 features will be also be accompanied by exploits as well. A security researcher has found a way to bypass the lock screen of an iPhone running on iOS 13, and, eventually, gain access to all contacts stored in the device.
According to The Verge, the researcher, Jose Rodriguez, reported the flaw to Apple on July 17th. However, he noticed that the hack is still working on the Gold Master (GM) version of iOS 13.
How does it work?
The frightening part of the exploit is that it is effortless to attain. As Rodriguez showcases the methodology in his YouTube video — the hack includes a FaceTime call and using Siri to toggle the voiceover feature which allows a user to access the contact list.
The passcode bypass would allow users to access contact information such as email addresses, secondary phone numbers, address information, and more.
Interestingly, the flaw is fixed in iOS 13.1, which is scheduled to release on September 30th, according to the researcher.
Is it the last year’s exploit?
For those who don’t know, Rodriguez is the same researcher who discovered a similar exploit in last year’s iOS 12.1.
However, the difference between the two scenarios is that the flaw was discovered a few days after the iOS 12.1 release, back in 2018.
Previously, researchers at the Black Hat Conference 2019 discovered a method to bypass FaceID through modified glasses and a knocked out owner.
While this hack doesn’t include knocking out the owner, it would still require hackers to steal the iPhone, at least for a few minutes.