The Hacker News Logo
Subscribe to Newsletter

Second iOS 7 Lockscreen vulnerability lets intruders to make calls from locked iPhone

Just two days back Apple has yet fixed a security flaw in iOS 7 that allows anyone to bypass the lock screen to access users’ personal data and the next one has already appeared.

The new vulnerability was discovered by Karam Daoud, a 27 year old from the West Bank city of Ramallah in Palestine, that allows anyone to make calls from a locked iPhone, including international calls and calls to premium numbers.
In a video, Daoud showed that calls can be made to any number from a locked iPhone running iOS 7 by using a vulnerability in the device’s emergency calling function.

The person needs to dial a number and then rapidly tap the call button until an empty screen with an Apple logo appears and makes the call to the particular number.
The Forbes writer tested the flaw on two iPhone 5 devices on separate networks and it worked both times. This is the second malfunction found in the lock screen since iOS 7 was seeded to all iPhone owners this past Wednesday.

Daoud notified Apple about the bug and received a same response that the next software update will fix this bug as well.

Update (5:02 PM Thursday, September 26, 2013 GMT) : Apple has just released iOS 7.0.2, a new update delivering several changes including a fix for a lock screen passcode vulnerability.


Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.