Yet Another Apple iOS 6.1 Passcode Lock Vulnerability
Researchers have unearthed yet another vulnerability in Apple’s (NASDAQ:AAPL) iOS 6.1, which allows anyone with the know-how to bypass the password-protected lock screen. In a manner similar to the one discovered earlier this month, an intruder first employs the emergency call function, then holds the lock/sleep button to cancel the call and gain access to data.
According to Vulnerability Lab CEO Benjamin Kunz Mejri, “the vulnerability is located in the main login module of the mobile iOS device (iPhone or iPad) when processing to use the screenshot function in combination with the emergency call and power (standby) button. [It] allows the local attacker to bypass the code lock in iTunes and via USB when a black screen bug appears [and] can be exploited by local attackers with physical device access without privileged iOS accounts or required user interaction. Successful exploitation of the vulnerability results in unauthorized device access and information disclosure.”
This vulnerability is different from the earlier one in that the screen of the device goes black, such that a hacker could connect it to a computer via USB and access personal data without entering credentials…