Vulnerability iOS 13 unveils passwords

Modern man has to dailyuse numerous password-protected applications, the security of which storage is one of the main tasks of operating systems. Therefore, the owners of Apple's products were alarmed by the vulnerability recently discovered in iOS 13 Beta 2 and 3, as well as in iOS 13 Public Beta 2.

Apple's mobile operating system allowsopen access for unauthorized users to account passwords to information related to bank card information saved for Safari auto-completion, bypassing Touch ID and Face ID.

The error was first noticed by users of Reddit,who described in detail the mechanism of vulnerability on the forum. On the iPhone or iPad, in the “Settings” section, open the “Passwords and Accounts” subsection, then “Website and Software Passwords”. Then, instead of the required confirmation of identity using a numeric code, Touch ID or Face ID, you just need to click the Cancel button. After repeated, 10 to 20 times repetition, you can access the saved password information.

[BUG] For anyone still unaware. You can access saved passwords by tapping it repeatedly. iOS 13 beta 3 (iPhone 8) from r / iOSBeta

Vigilant enthusiasts have already reported to Apple about the detected vulnerability.

Source: reddit