Expert discloses new iPhone lock screen vulnerability in iOS 15

The security researcher Jose Rodriguez discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet to be fixed.

The security researcher Jose Rodriguez (@VBarraquito) discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet to be addressed by Apple. A threat actor with physical access to a vulnerable device can access Notes via Siri/Voice Over.

Rodriguez explained that in real incidents, unattended or stolen devices with a lock screen bypass vulnerability are exposed to attacks that could leverage a lock screen vulnerability to access sensitive information.

This specific type of vulnerability represents a serious threat to individuals and organizations, for this reason, the expert suggests including their research when conducting a mobile pen-testing assessment.

The expert disclosed details about the lock screen bypass vulnerability after Apple downplayed similar flaws, tracked as CVE-2021-1835 and CVE-2021-30699, reported by the researcher earlier this year.

The flaws allowed an attacker to access instant messaging apps like WhatsApp or Telegram even while the mobile device was locked.

Rodriguez explained that Apple partially fixed the issue and did not involve him in the test of the released patch.

Then the expert proposed a variant of the same bypass issue that leverages Apple Siri and VoiceOver services to access the Notes app.

I have contacted Rodriguez for a comment and he told me that was disappointed with the way Apple manages his Bug Bounty Program.

“I hope Apple reacts to the anger of the researchers and takes actions to improve Apple Bug Bounty Program with greater agility in responses and payouts, and no lowballing security bug reports.” Rodriguez told me. “I hope Apple reacts to the anger of the researchers and takes actions to improve Apple Bug Bounty Program with greater agility in responses and payouts, and no lowballing the security bug reports.”

The expert also published a video PoC for the latest screen bypass vulnerability:

Let me suggest reading a post published by the expert that includes a long list of similar vulnerabilities:

https://blog.dinosec.com/2014/09/bypassing-ios-lock-screens.html

Over the past years, Rodriguez disclosed several similar flaws, sometimes a few days before the release of new iOS versions.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, iOS)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.