All Apple news

In iOS has found four vulnerabilities that can bypass the password on iPhone

The iPhone and iPad user can bypass password protection through specially formatted query to the voice assistant Siri. Securitylab reports about it with reference to the study of the Evolution Security GmbH.

The company has discovered four vulnerabilities in iOS, using which an attacker can bypass the password on the gadgets. Exploitation of security breaches allows access to the standard OS application. As stated by researcher Benjamin Kurtz Mejri, errors are present in the operating system in the last three months.

Each vulnerability can be proekspluatirovat through specially formatted request to voice assistant Siri. So, the attacker may ask the assistant to open a non-existent app. As a result voice assistant will open the App store, where the attacker can exit to the home screen of the device to bypass the authentication procedure.

Similar vulnerabilities were found in the Clock and Calendar. The programs allow users to open links in app Weather Channel. If this software is not installed, the user will be redirected to the App Store. Exploitation of the vulnerability will allow an attacker to bypass the authentication procedure.

The researcher contacted Apple and reported the vulnerabilities in iOS at the beginning of the year. The company still has not released a patch and did not say when the error will be eliminated.

Read also:   Foxconn employee stole iPhone almost on 100 million roubles

Leave a Reply

Your email address will not be published. Required fields are marked *