Complex iOS 13 exploit allows viewing of contacts without unlocking iPhone

A new exploit shows how someone could bypass an iPhone's passcode, FaceID, or TouchID requirements to view the contact information on an iPhone running iOS 13.

A video uploaded to YouTube by Jose Rodriguez illustrates how a VoiceOver and Siri exploit can give unrestricted access to view contacts stored on an iPhone.

Rodriguez shows how the exploit works, which involves calling or FaceTiming the target iPhone. Once the call is placed, the call recipient must opt to respond with a custom message rather than answer the call. From the message screen, the user must turn on VoiceOver using Siri and then turn it back off. Following the toggling of VoiceOver, the user can add to the contact field, which allows them to see the contact information of any contact in the phone.

AppleInsider was able to get the vector to work. There is some timing element on enabling and disabling VoiceOver, however, that varies based on unknown factors.

Relatively little is at stake with this exploit. Beyond the inherent danger of an assailant having your iPhone, this method only allows someone to view the contacts within the target iPhone, provided that they have physical access to the target phone and can complete the VoiceOver exploit.

Rodriguez had unearthed bypasses previously. In 2018, Rodriguez discovered another complex exploit in iOS 12 that allowed a user to use VoiceOver to access an iPhone's photos and contacts, not dissimilar to this one in iOS 13.

Those looking to protect themselves from the exploit can block it entirely by disabling Siri access while the phone is locked, using the Passcode preferences menu.

Rodriguez reported the flaw to Apple earlier in the iOS 13 beta process.



11 Comments

razorpit 17 Years · 1793 comments

The other way of unlocking a phone is by putting it in my pocket. I can't tell you the number of times I feel the 'warmth' of the phone in my pocket only to pull it {the phone} out and find it on the home screen or in some other app.

bonobob 13 Years · 395 comments

I don't think I'll be losing a whole lotta sleep over this one.

bonobob 13 Years · 395 comments

razorpit said:
The other way of unlocking a phone is by putting it in my pocket. I can't tell you the number of times I feel the 'warmth' of the phone in my pocket only to pull it {the phone} out and find it on the home screen or in some other app.

Not sure how you can do that unless you have no passcode for the phone, or put it in your pocket with the screen still on.

coolfactor 20 Years · 2341 comments

Demos like this are annoying to watch. It looks like he's uncertain about the next step to take.

Honestly, even if that contact info is displayed, what can they do with it? Can they email my entire contact list? No. Can they start sending spam? No. I fail to see what the risk is. While it would be nice for the info to not be accessible, it's no different than a digital version of an address book that people used to keep around their house all the time. Not really considered "sensitive" information, if you ask me.

MplsP 8 Years · 4047 comments

bonobob said:
razorpit said:
The other way of unlocking a phone is by putting it in my pocket. I can't tell you the number of times I feel the 'warmth' of the phone in my pocket only to pull it {the phone} out and find it on the home screen or in some other app.
Not sure how you can do that unless you have no passcode for the phone, or put it in your pocket with the screen still on.

That's what happens to me - I accidentally put it in my pocket without locking it and the pocket liner is thin enough that the phone senses contact with my leg and stays on.

As far as the exploit goes, once again I ask "How do people find these????"