It is no secret that Apple pays great attention to the subject of security and privacy. But even such a large Corporation there are punctures. Yesterday, a Reddit user found a pretty serious vulnerability in iOS 13. It turned out that all the stored accounts passwords, and credit card data on the device can be viewed by anyone and you do not even need to know the password from “keychain”.
This defect iOS 13 allows you to steal not only passwords but credit card data saved for AutoFill in Safari. Thus, this vulnerability can easily be considered a critical.
How does a bug?
- Open “Settings” on your iPhone or iPad;
- Go to the “Passwords and accounts”;
- Find the item”Passwords and sites” and go into it. To access the password you must enter a code or confirm the identity of Touch ID or Face ID. In our case, we just press “Cancel”;
- Repeat this procedure 10-20 times. At some point you will get access to a menu with all your saved accounts
See also: In iOS there is a serious “hole”that you hadn’t seen in years
The same security issue is in the settings of Safari browser. A glitch allows you to easily view the credit cards you’ve saved for AutoFill.
User reported that this bug works in iOS 13 Beta 2 and 3, and 13 in the iOS Public Beta 2.
There is no doubt that Apple is already aware of the problem. Most likely, the company will release the appropriate patch in the next beta version of iOS 13.