Apple’s iOS 13 flaw exposes all your contacts data on iPhone

Killian Bell for Cult of Mac:

A newly-discovered flaw in iOS 13 lets anyone access your contacts without your passcode.

It takes just a few simple steps to bypass your iPhone’s lockscreen and see every phone number, email address, and physical address you have saved. But a fix is already on the way…

The iOS 13.1 update, already available to registered developers, eliminates the issue… Apple plans to release this to everyone on September 30.

MacDailyNews Take: Which, of course, is exactly why betas exist.


    1. What part of “beta testing” do you fail to grasp? Finding flaws such as this is the whole point of “testing” a not-yet-publically-released product. This is “quality control” done by thousands of volunteer testers seeking such problems prior to product release to a billion consumers.

      1. Betas don’t get rolled out to the general public. From the source article it sounds like iOS 13 GM that still has the flaw will be rolled out to everyone Sept.19 and iOS 13.1 that has the fix rolled out Sept. 30. Just don’t update till the 30th.

  1. Umm, so If I’m reading this correctly, you have to have physical access to the device, then you can bypass and get access to contacts only.

    Definitely not a Severity 1 issue, and there is a fix in the Sept 30 release, so for 11 days if someone steals your phone they can see who your contacts are.

    Yep, not worried about this, and there is a fix. Click-bait.

    1. Your mileage may vary. I suppose in the ‘lightest’ case you will only have a phone number for each of your contacts. The video in the source article makes it appear that you get full access to the contacts App however so I suspect anything you can initiate from Contacts may be accessible for use.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.