Back to Blog

Expert demonstrated how to access contacts and photos from a locked iPhone XS

October 11, 2018

By: Pierluigi Paganini

Expert discovered a passcode bypass vulnerability in Apple’s new iOS version 12 that could be exploited to access photos, contacts on a locked iPhone XS .

The Apple enthusiast and “office clerk” Jose Rodriguez has discovered a passcode bypass vulnerability in Apple’s new iOS version 12 that could be exploited by an attacker (with physical access to the iPhone) to access photos, contacts on a locked iPhone XS and other devices.

The hack works on the latest iOS 12 beta and iOS 12 operating systems, as demonstrated by Rodriguez in a couple of videos he published on YouTube (Videosdebarraquito).

The passcode bypass vulnerability affects a number of other iPhone models including the latest model iPhone XS.

An attacker can access the images on the devices by editing a contact and changing the image associated with a specific caller.

Apple has addressed the issue allowing images to be viewed via contacts, but Rodriguez devised a new method to circumvent the mitigations implemented by Apple.

The attack exploits the VoiceOver feature that enables accessibility features on iPhone, for this reason, the vulnerable device needs to have Siri enabled and Face ID either turned off or physically covered.

A step by step guide for the Rodriguez’s attack was published by the website Gadget Hacks.

More:  https://securityaffairs.co/wordpress/76700/hacking/iphone-xs-passcode-hack.html

 

Contact us

Safety is essential to your decision making. We are sure that our team can clarify any doubts. After all, we understand security.

contact@sikur.com

Follow us

Try SIKUR





Contact Us
First Name*
Last Name*
E-mail*
Mobile Number*
Company*
Country*
Tell us what do you need* ?
Products: Hold CTRL+Click to add more than 1.* ?
Comments
I agree to the Privacy Policy and Terms of Service.