A new bug has been discovered in iOS 5.0.1 that provides unauthorized access to a user’s contacts on passcode-protected iPhones. The bug, which was discovered by iPhoneIslam, is not easily reproduced and requires the attacker to have a spare SIM card or access to the victim’s phone number. The method involves inserting and ejecting the iPhone’s SIM card, which will eventually bypass the phone’s passcode and give unauthorized access to the contacts and phone app. The attacker can then make calls, view call history, view contacts and use FaceTime. The threat is seen as a somewhat minor issue that Apple will most likely fix in an upcoming iOS update.
[Via The Verge]