A passcode flaw in Apple’s iOS 5 could allow unauthorized access to an iPhone user’s contacts list, recent calls, voicemail, text messages and more, according to a recent blog post from CultofMac.com.

The post cites a vulnerability discovered by Safwan Saba of iPhoneIslam where the phone’s missed call notification is used to trigger the flaw. After beginning a call and quickly removing the SIM card, the phone can be unlocked while the device searches for a signal, as demonstrated by the following video, via iPhoneIslam:

This isn’t the first security flaw found in Apple’s iOS: It was late last year that Siri, Apple’s new personal assistant feature for the iPhone 4S, was found letting unauthenticated users make calls and send texts without unlocking the device first. In October it was discovered that iPad 2’s lock screen could be bypassed simply by misusing its built-in Smart Cover, a magnetic cover that covers the device’s screen.

It’s been widely speculated that iOS 5.1 will launch on March 9, yet it’s not known whether the update will fix this particular vulnerability.

Categories: Vulnerabilities

Comment (1)

Comments are closed.