Another iOS7 Lock Screen bypass – Control Center turned off

In our previous post we covered a bug released yesterday where anyone can break into a phone that is using iOS7.

We also wrote about some additional ways to trigger the bug, but all versions could be prevented by shutting off the Control Center on Lock Screen. So that’s what we, and everyone else suggested.

However, we have discovered that this does in fact not prevent a similar bug from exploiting the lock screen. The new way is based on the fact that Voice Control/Siri can make phone calls to known contacts, and by using the shutdown screen while calling, the double tap trick can still be done.


And here’s the aftermath: https://twitter.com/avlidienbrunn/status/381099165213683712 .

Currently we have no suggested patch/fix for this issue.

Written by Mathias/Frans
Back to Detectify blog
Back to Detectify

comments powered by Disqus