Apple iOS 7.2 – Sim Lock Screen Display Bypass Vulnerability
A restricted-screen bypass caused by a design glitch has been detected in the official Apple iOS v7.0.1 for mobile devices (iPad, iPhone).
The security vulnerability allows local attackers to bypass the display screen of the restricted SIM-locked mode.
The bypass vulnerability is located in iOS v7.0.1/7.0.2 and occurs when the `sim locked` mode of an iPhone is activated.
Local attackers can redirect the SIM-locked display to the regular default mode by using a restricted calculator function in
combination with the shutdown and unlock button. As a result, the local attacker is able to glitch (jump) into the regular locked
phone mode with calendar + hyperlinks, camera and control center. In the end, the SIM-locked display is usable as in
the regular mode, without the SIM-locked label on the screen.
The local SIM lock screen display bypass vulnerability can be exploited by local attackers with physical device access and without
user interaction. Successful exploitation results in the bypass of the SIM lock mode to the regular lock mode. In an earlier test (7.x)
we combined the earlier discovered issues to first unlock the SIM display (locked SIM card) and bypass the passcode for a full compromise.