CVE-2013-5164

iPhone OS < 7.0.3 - Unauthenticated Race Condition in Phone App Contacts Pane

Title source: llm
STIX 2.1

Description

Multiple race conditions in the Phone app in Apple iOS before 7.0.3 allow physically proximate attackers to bypass the locked state, and dial the telephone numbers in arbitrary Contacts entries, by visiting the Contacts pane.

References (1)

Core 1
Core References
Vendor Advisory vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2013/Oct/msg00002.html

Scores

EPSS 0.0023
EPSS Percentile 13.4%

Details

CWE
CWE-362
Status published
Products (3)
apple/iphone_os 7.0
apple/iphone_os 7.0.1
apple/iphone_os < 7.0.2
Published Oct 24, 2013
Tracked Since Feb 18, 2026