New iOS 7 bug lets anyone make a call from your locked iPhone [VIDEO]

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Emergency callApple has already been embarrassed in the last few days with one unpatched bug in iOS 7.0, which allows unauthorised users to bypass the lock screen and gain direct access to your private photos and some apps.

But now another unpleasant bug has been found, which lets anyone make a phone call from your locked iPhone running iOS 7.0.

As Forbes reports, it is possible to fairly easily exploit a vulnerability in iOS 7.0’s emergency call function to call *any* phone number.

27-year-old Karam Daoud, a Palestinian living in the West Bank city of Ramallah, demonstrates the flaw in action in the following video:

Sign up to our free newsletter.
Security news, advice, and tips.
iOS 7 Security Bug - Apple - Emergency Dial in the Lock Screen

I tried Daoud’s technique for myself on an iPhone 5 – and sure enough, it works.

Here’s how you do it for yourself.

  • First get your hands on a locked iPhone running iOS 7.0
  • Rather than try to enter a PIN code, press the “Emergency” button as if you were going to call the Police.
  • Enter any number which you wish to call, and rapidly tap the call button. After a second or two, the screen will go black and an Apple logo appears. Your phone will dial the number.

If that all sounds a little complicated, it isn’t. But here’s a highly scientific diagram I have put together for the benefit of Apple’s developers with the help of some crayons.

How to call on a locked iPhone

In short, you may think your phone is locked – but anyone can make a call from it if they wish. And the call can be to premium rate and international numbers, of course. All being made at your expense.

It’s easy to imagine how pranksters might exploit such a feature, so make sure to keep your iPhone running iOS 7.0 safe and close until Apple fixes this bug.

Maybe they should have spent a little more time ensuring that security holes and bugs like this didn’t exist, rather than messing about adding bells and whistles…


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

2 comments on “New iOS 7 bug lets anyone make a call from your locked iPhone [VIDEO]”

  1. Larry Teh

    I have regretfully installed the IOS7.0 and found my contacts list have been butchered! Many important contact names were lost!
    The interface is so inferior – that I wish I did not update. Can anyone advise how to go back to IOS 5?

    1. Bill Thompson · in reply to Larry Teh

      If you backed up your iPhone before you upgraded then you
      should be able to rollback back but are you sure you really want to
      do that? There is more to it than the way it looks; IOS5 is
      probably two years old now and most apps are made for IOS6/IOS7
      now…

Leave a Reply to Larry Teh Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.