CVE-2010-4012

iPhone OS 4.0-4.1 - Unauthenticated Passcode Lock Bypass via Emergency Call Screen Race Condition

Title source: llm
STIX 2.1

Description

Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button.

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
http://support.apple.com/kb/HT4456

Scores

EPSS 0.0026
EPSS Percentile 17.4%

Details

CWE
CWE-362
Status published
Products (2)
apple/iphone_os 4.0
apple/iphone_os 4.1
Published Dec 08, 2010
Tracked Since Feb 18, 2026