Hot on the heels of a vulnerability that gave snoopers the ability to bypass the iPhone’s passcode in iOS 6 and make calls, view and modify contacts, and even access to photos via the Contacts app, is a new one that allows the entire contents of the handset to by synced with iTunes.
“The vulnerability is located in the main login module of the mobile iOS device [applies to iPhone or iPad] when processing to use the screenshot function in combination with the emergency call and power button,” said Vulnerability Lab, who initially discovered the flaw.
The vulnerability allows anyone with physical access to the iOS device the ability to easily bypass the passcode lock and use a USB cable to get access to the data stored on the iPhone or iPad from a Mac or PC.
Below is a video demonstrating the vulnerability.
This is a very serious vulnerability indeed, as it means that someone could get access to data stored on an iOS device without leaving a trace. While home users might not like the idea of family and friends snooping through their data, it’s businesses who use iPhones and iPads that need to be really worried. This vulnerability means that storing sensitive information on an iOS 6 is not a good idea, and additional steps need to be taken to protect the data.