iOS 13 security flaw discovered before official release
Ahead of iOS 13 stable rollout, a security researcher has already discovered a security flaw. This allows just anyone to bypass the lock screen and get access to an iPhone.
Discovered by Jose Rodriguez, this security flaw allows one to access information from contacts like email addresses, phone numbers, and addresses, The Verge reported. It works by making a FaceTime call and using Siri's voiceover feature to access the contact list on the iPhone. Exploiting this security flaw also requires one to use the iPhone as remote access is not possible.
The report further states that Apple was informed of this security flaw by Rodriguez in July but its fix won't be available until the end of this month. Apple will roll out the stable version of iOS 13 next week but without the fix. It will instead release the fix with iOS 13.1 which will be available on September 30. iOS 13.1 beta version appears to have the fix for this security flaw.
Apple has had similar issues in the past going back to the iPhone 6 series. Hackers could exploit a lockscreen bypass which gave access to not only contacts but photos on the iPhone as well. Through this, hackers could bypass even the passcode and Touch ID to get into iPhones.
Something even more similar happened with iOS 12.1 where a lockscreen bypass involved a FaceTime call to get access to contacts.
Apple will roll out iOS 13 for all iPhone users globally on September 19. The new iOS version will come with features like dark mode, updated Maps app and improved security features.