Two bugs were discovered in Apple iOS passcode security. The YouTube channels iDeviceHelp and EverythingApplePro found two big loopholes in the iOS passcode system that let an attacker easily access the device's personal messages and photos. If Siri is enabled, the loophole can be exploited by anyone with physical access to the Apple device.
The following steps walk through the loopholes.
The first step is to ask Siri “Who am I?”, which returns details about the user. With the phone's details, the attacker can place a call to it over FaceTime or to its phone number. Either way, even if the owner of the phone has a 4-digit passcode or Touch ID enabled, the phone will prompt the user to receive the call.
Once that is done, the attacker just needs to tap the message icon on the display to reply with an SMS. Even though the phone is locked, a new message screen will pop up.
The second thing the attacker does is use Siri again, asking it to “Turn on VoiceOver.” VoiceOver can then be used for the attacker's purposes; this, again, is a loophole exploited through Siri alone.
Next, the attacker quickly double-taps the recipient name field while quickly tapping any key on the keyboard at the same time. If successful, the attacker is allowed to write in the “To” field of the SMS message, which should not be permitted at all, since the reply should be restricted to the person who called. This step may take several tries.
As soon as this step is done, VoiceOver can be turned off through Siri with the “Turn off VoiceOver” command. The attacker now has access to the user's address book, and VoiceOver is not needed anymore. Searching through the contact list, the attacker then looks for an entry with the information “ⓘ” icon. In the same way as before, tapping that icon and a random key together gives access to create a new contact.
In that process, the attacker can add a photo to the contact, which allows the attacker to go through the private data of the device's user while the phone itself is still locked.
The two YouTube videos mentioned earlier show the whole procedure in detail.