A flaw allows bypassing the Activation Lock on iPhone and iPad


Researchers discovered a bug that can be exploited to bypass Apple’s Activation Lock feature and gain access to the homescreen of locked Apple devices.

Security experts have discovered a new bug that could be exploited to bypass the Activation Lock feature on Apple devices (iPhone, iPad).

The bug could allow gaining access to the homescreen of a locked device running the latest version of Apple iOS.

Researchers reported at least two different variations of the issue: the first works on iOS 10.1 and the second on the latest iOS 10.1.1.

In case of a theft or loss of an Apple device (iPhone, iPad or iPod), users can activate the Lost Mode through the Find My iPhone service.

This mode automatically enables the Activation Lock to prevent the reactivation of the device without the owner’s permission.

When a user starts a locked device, he is prompted to connect to a Wi-Fi network. If the “Other Network” option is selected, the user must enter the name of the network and choose a security protocol (e.g. WEP, WPA2, etc.).

Of course, the user has to provide a username and a password, but researchers noticed that there is no limitation on the number of characters that can be entered into the name, username and password fields.

An attacker can trigger a crash that exposes the device’s homescreen by entering a very long string into these fields.

The crash can be caused by one of the following methods:

  • Leveraging Apple’s iPad smart cases, which cause the mobile device to wake or sleep when the case is opened or closed.
  • Leveraging the screen rotation feature and Night Shift mode as demonstrated in the video PoC published by Vulnerability Lab.

The first method was first analyzed by Hemant Joseph, who tested the Activation Lock feature after purchasing a locked iPad from eBay. The method worked on iOS 10.1 and was fixed by Apple with the iOS 10.1.1 release.

The second method was discovered by researchers at Vulnerability Lab and also works on iOS 10.1.1.
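
The root condition in both variants is that the network name, username and password fields accept input of any length. As an added example (not Apple's code or its fix, and not part of the original article), the following Python validator bounds each field of such a Wi-Fi join form to the limits the protocols themselves define; the function name, the security labels and the 256-byte enterprise password cap are assumptions.

```python
import string

# Protocol-defined limits (not taken from Apple's implementation).
SSID_MAX_OCTETS = 32               # IEEE 802.11 SSID element: up to 32 octets
WPA_PSK_MIN, WPA_PSK_MAX = 8, 63   # WPA/WPA2 passphrase: 8-63 printable ASCII
WEP_ASCII_LENGTHS = {5, 13}        # 40-bit / 104-bit WEP key typed as ASCII
WEP_HEX_LENGTHS = {10, 26}         # the same keys typed as hex digits
RADIUS_USER_MAX = 253              # largest RADIUS attribute value (User-Name)
ENTERPRISE_PW_MAX = 256            # ASSUMPTION: local policy cap, not a protocol limit
HEX = set(string.hexdigits)

def _printable_ascii(s):
    return all(32 <= ord(c) <= 126 for c in s)

def validate_join_request(ssid, security, username="", password=""):
    """Return rejection reasons (empty list = accept). Messages never echo
    the input, so an oversized value is not copied into UI or logs."""
    errors = []
    # The SSID limit is in octets, so measure the encoded form, not characters.
    if not 1 <= len(ssid.encode("utf-8")) <= SSID_MAX_OCTETS:
        errors.append("ssid: must be 1-32 octets")
    if security == "WEP":
        ascii_key = len(password) in WEP_ASCII_LENGTHS and _printable_ascii(password)
        hex_key = len(password) in WEP_HEX_LENGTHS and set(password) <= HEX
        if not (ascii_key or hex_key):
            errors.append("password: invalid WEP key length or charset")
    elif security == "WPA2":
        passphrase = (WPA_PSK_MIN <= len(password) <= WPA_PSK_MAX
                      and _printable_ascii(password))
        raw_psk = len(password) == 64 and set(password) <= HEX
        if not (passphrase or raw_psk):
            errors.append("password: must be 8-63 ASCII chars or 64 hex digits")
    elif security == "WPA2-Enterprise":
        if not 1 <= len(username.encode("utf-8")) <= RADIUS_USER_MAX:
            errors.append("username: must be 1-253 octets")
        if not 1 <= len(password.encode("utf-8")) <= ENTERPRISE_PW_MAX:
            errors.append("password: must be 1-256 octets")
    elif security != "None":
        errors.append("security: unsupported protocol")
    return errors

if __name__ == "__main__":
    # Constructed inputs: a normal request, then one with very long strings.
    print(validate_join_request("HomeNet", "WPA2", password="correct horse"))
    print(validate_join_request("A" * 5000, "WPA2", password="B" * 5000))
```

Rejecting at the form boundary keeps oversized strings out of every later code path, regardless of which UI event (case open/close, rotation) happens next.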


Pierluigi Paganini

(Security Affairs – iPhone, Activation Lock Bypass)