The security passionate Jose Rodriguez has discovered a new passcode bypass bug that could be exploited on the recently released iOS 12.0.1.
A few weeks ago, Rodriguez discovered a passcode bypass vulnerability in Apple’s new iOS version 12 that could have been exploited to access photos, contacts on a locked iPhone XS.
Now the expert discovered a similar flaw that is very easy to execute by a physical attacker to access photo album of a locked device. The bug allows the attacker to select photos and send them to anyone using Apple Messages.
The new passcode bypass attack works on all current iPhone models, including iPhone X and XS devices, running the latest version of iOS 12 to 12.0.1 version.
Below the step-by-step procedure for the passcode bypass discovered by Rodriguez:
(Security Affairs – passcode bypass, hacking)