New iOS 7 security bug allows anyone to make calls from locked iPhone

Advertisement
By Anupam Saxena | Updated: 23 September 2013 15:37 IST
It looks like iOS 7 already has its fair share of security holes, more being brought to light as users and security experts start tinkering with it.
 
After the discovery of a Control Center vulnerability that allowed intruders to gain access, to the Photos app and to the user's Messages, Mail, Twitter, Facebook and Flickr accounts via the sharing menu, bypassing the passcode completely, a new security hole that allows anyone to make calls even through a passcode locked iPhone, has been discovered by Karam Daoud.
 
Reported first by Forbes, Daoud posted a video that shows him trying to dial a number through a passcode locked iPhone's Emergency number dialler screen. The screen allows users to dial select emergency service numbers and rejects other unassigned numbers. However, as per the video, after many failed attempts, Daoud was able to make a call to the number though the screen went black and displayed an Apple logo.

 
We tried to reproduce the hack on an iPhone 5 running iOS 7, and were able to see the same black screen and Apple logo after repeated attempts to dial a number, but the phone did not dial the number (the other party didn't get a call).
 
Daoud claims that he has already got in touch with Apple's security team and briefed them on the security flaw. He said Apple requested more information and a video, and then thanked him and mentioned that the bug would be fixed in an upcoming software update.
 
The previous Control Center vulnerability raised eyebrows about iOS 7's security. All that someone needs to do is to fire up the Control Center by swiping up from the bottom of the iPhone's lock screen and open the Camera app. Since the phone is locked the intruders would not be able to see anything when they open the Photos app through it. However, they can then launch the Clock app from the control center and hold the iPhone's power/ screen lock button till they see Slide to power off button at the top and Cancel button at the bottom. The intruders then simply need to tap on the Cancel button and quickly press the iPhone's Home button twice to fire up the multitasking menu, where the Camera app would appear (the other open apps would also appear but won't be accessible).
 
The intruders would be able to access the Photos app through the Camera app and get access to the user's Messages, Mail, Twitter, Facebook and Flickr accounts via the sharing menu.
 
While it's very easy to prevent the hack as it requires disabling the Control Center's lock screen access, this latest Emergency services hack cannot be prevented at the user's end, and would require Apple to push out a security update that fixes it, as promised.

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Amazon Prime Day Deals 2026: Up to 70 Percent Off on These Projectors
  2. Amazon Prime Day 2026: Best Deals on Soundbars From JBL, and More
  3. Best 5G Phones Under Rs. 15,000 With Long Battery Life in India
  4. Best Mobiles Under Rs. 30,000 in India
  1. Boat Stone 900 Launched in India With Up to 80W Sound Output, Up to 15 Hours Audio Playback: Price, Features
  2. Cyberpunk 2077 Has Sold 40 Million Copies, CD Projekt Red Confirms
  3. Nothing Phone 1 Receives Final Software Update With Latest Security Patches, Bug Fixes and Improvements
  4. Nokia 235 4G (2026), 215 4G (2026) Launched Alongside Nokia 210 4G, and 200 4G With AI Assistant Button
  5. Samsung Galaxy S27 Ultra Battery Details Leaked; Could Top iPhone 18 Pro Max's Battery Capacity
  6. OnePlus Ace 7 Series Tipped to Feature 185Hz Display, 9,000mAh Battery
  7. WhatsApp Rolls Out Primary Device Support on iPad, Tests New Setup Screen for Android Tablets: Report
  8. Government Directs App Stores to Remove Malicious Apps Used to Disrupt E-Rickshaw Operations: Report
  9. Sony Reportedly Restructures Disc Factory After Announcing End of Physical Game Discs on PlayStation
  10. Maharashtra Legislature Passes Amendment to Bring Virtual Digital Assets Under Depositor Protection Law
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.