iOS 7 security flaw allows for Lock screen bypass in seconds

By , Jun 9, 2014

iOS 7 Lock Screen Bypass

A new security flaw has been discovered that allows for the Lock screen on iOS 7.1.1 to be bypassed in just seconds. The vulnerability provides access to any app that was left open before the device was locked, such as Mail or Messages, but a prompt appears to re-enter your Lock screen passcode if you attempt to navigate to the Home screen or elsewhere. Read ahead for how it works… 

The exploit affects the iPhone 4S or later on iOS 7.0 – iOS 7.1.1. I can confirm that the vulnerability exists on my iPhone 5 running iOS 7.0.4, while several other users report that it extends to the iPad. The only requirements to bypass the Lock screen are access to Control Center and a missed phone call in Notification Center. To duplicate the bypass on your device, simply follow these steps:

Step One: Swipe up from the bottom to open Control Center.

Step Two: Tap on the Airplane Mode toggle switch.

Step Three: Swipe down from the top to open Notification Center.

Step Four: Tap on a missed call notification.

While this exploit does not provide full access to an iPhone or iPad, it could allow for someone to read your emails, send messages, fiddle with your settings or other harmful actions depending on the app that you last left opened. A number of users that commented on the video noted that it does not work on iOS 8 beta, however, so it appears that Apple has patched the problem.

In the meantime, there are two temporary solutions for protecting yourself against this security flaw. The first option is to navigate to the Settings app, tapping Notification Center and disabling Lock screen notifications for the Phone app. The second option, also through the Settings app, is to tap on the Control Center menu and toggle off Access on Lock Screen.

A number of similar Lock screen exploits have been exposed over the years, including an iOS 7 vulnerability from last September that allowed access to almost any app running in the background. Another exploit on iOS 7.0.2 was uncovered just two weeks later, but it only allowed access to the Phone app. Apple typically patches these bugs in software updates.

  • Share:
  • Follow:
  • kgelner

    Doesn’t work for me, just brings up the pin entry page. When I swipe down it doesn’t bring down notification center until the control center panel is dismissed.

    • De Yu

      It’ll only work if you have an app opened before you lock your screen. For example, you need to launch imessage first, then lock your phone. Then do the steps and it should bring you to imessage.

  • Luism27

    oh no.. I won’t be able to sleep tonight!

    • Jackson Grong

      Step 1. Hide in the bathroom.
      Step 2. Call the FBI and the White House.
      Step 3. Wait while they send Syria troops to secure your phone.
      Step 4. World War 3 happens.
      Step 5. End of civilization.

      • Simon

        This^^

  • Ginzer

    Same here. My notification page is inaccessible unless you put in the pin code or touch id. I think this must be a glitch on some phones but not all.
    aginzo

  • jack

    Every iOS version has an exploit like this for law enforcement. It is a matter of discovering them. If I remember correctly this is the 5th or 6th exploit revealed.

    • ✪ aidan harris ✪

      If this were really true it’s a bit of a stupid exploit to only allow law enforcement access to the last open up and return to the passcode input screen if you press the home button…

      • jack

        there’s probably another exploit once you’ve bypassed the lockscreen to enable homescreen….

      • https://pbs.twimg.com/profile_images/412035973686366208/r14EeLu9.jpeg CPVideoMaker101

        what you say sir, is pure and utter hogwash. If authorities wanted to get past a lock, they would ask apple and not ask them to leave a critical bug in the system.

  • Chaotic Buddhist

    I think these articles are a waste of time on par with the basement dwellers who have the time to figure this shit out… Just a waste of time all the way around.

    • Anonomous.TECH.man

      You should stop thinking.

      • Brian Brown

        lol

  • Alex-V

    how long he try to make that…are there people out who make 24h try such things…

    • rafaelpz

      More than 500 million iPhones were sold. It’s a matter of time.

  • Don Walker II

    Doesn’t work for me. It just takes me to the passcode screen. Tried on 4s and 5 on 7.1.1 and 5s running 7.0.4.

  • Ente

    I think Apple does this on purpose for whatever reason. This has happened so many times now that I don’t believe it’s a coincidence.

    • mav3rick

      Might be, but still the conditions for this to work makes it pretty limited to be used: missed phone call AND app left open.

    • https://pbs.twimg.com/profile_images/412035973686366208/r14EeLu9.jpeg CPVideoMaker101

      they simply are bugs. we just can’t say “Apple opens jailbreaking bugs on purpose because of the amount of times it has happened”

  • Chris Holden

    that guy is annoying

    • Ente

      For real. The way he talks makes you want yo punch him in the mouth.

    • James Gunaca

      He’s so annoying, I cannot believe he exists.

      • Brian Brown

        niice lol

  • Jon20

    It worked for me. The trick is an application has to be opened AND you miss a call in order for it to open to that last application you left open once you click on the missed phone call at the lock screen or notification Center. The odds of those two things happening at the same time is very unlikely but still possible.

    • محمود الخميسي

      This trick doesn’t work with my device lol. It’s 7.0.6 but it shows me the pin page whenever I try to open the messages through this way

  • Krishna Rajkumar

    Works on iPhone 4S 7.0.6!

    Note: Disable airplane mode while in the app to use network!

  • Dubs

    I’m absolutely baffled by how people discover these things? I mean, really? How in the world do they find these stuff?

  • Jonathan

    Step 1. Put iPhone in locked case

    Step 2. Put locked case inside another locked case

    Step 3. put in another fireproof case

    Step 4. Bury 4 feet deep in back yard

    Step 5. Wait for iOS update

    Oh yeah, disable control center from lock screen.

    • jzack

      been thinking of this too. just disable cc and i dont think people can bypass the lockscreen

  • chris125

    So much for IOS being so secure. IOS7 has been a disaster from a security vulnerability standpoint. Hopefully all of these get patched up in IOS8

  • Dani Hayes

    Simple solution, disable notification center on lock screen. As long as airplane mode is on and you still have NS enabled on lock screen it still works if an app was opened before the phone was locked.

    It worked on my 5s and 4S on iOS 7.1.1

  • Zozory Zozor

    I think HE was using his finger to unlock the device while he was swiping from bottom to top.
    Also at the end of the video he disabled the control center but not notification center!!!!!!!!!!!!

  • Marcus

    Well my 7.0.4 iPhone 5s is safe with IntelliScreen X 7 :D

    • Brian Brown

      cute puppy pic you got there for an avatar man lol!

      • http://www.idownloadblog.com/ Joe Rossignol

        Doge.

      • Brian Brown

        as in the name or the vehicle manufacturer ? loll

      • Jonathan

        No, it’s a meme.

      • DogeCoin

        wow

    • https://pbs.twimg.com/profile_images/412035973686366208/r14EeLu9.jpeg CPVideoMaker101

      intelliscreen x7 made my 5S Lag more than an iPhone 4 running stock iOS 7.0

  • Brian Brown

    This is great news well, sort of -_- lol! …

    All the better for the Apple to release iOS 7.1.2 and which now leaves room for a potential Jailbreak in current versions.

    “You win some, you lose some”

  • chjode

    Step One: Swipe up from the bottom to open Control Center.

    And I’m safe.

  • Chris

    1. I always clear notifications once I’ve read them
    2. I use BioLockdown to protect control center

    I think I’m safe.

  • ɑղժɾҽա

    Well what if the person doesn’t have a missed call?!

  • Sleetui

    This works but when I tried it again it glitched out. Tested on a iPhone 5 running 7.0.6 Jailbroken. Damn you iOS 7!!!

  • mike

    wow it took long time for them to post this

  • Max Barlow

    This is fixed on iOS 8 beta 1

  • iOSdowngrader

    Works on iOS 8 Beta too and works with any Other App Notification too

  • bn326160

    Also works on iPhone 4 ;)

  • Mhmd Bassam Nasyr

    same on iPhone 4 too

  • Andres

    Doesn’t work on iPad

  • Fabio Rodrigues

    the guy on the video acts like an idiot… “I COULD NOT BELIEVE!” really??? C’mon…