Oct 24, 2023 14:26:00

A vulnerability is discovered that allows you to easily bypass iPhone's 'Single App Mode'

The iPhone's ``

single app mode '', which is often set by mobile phone shops, has a vulnerability that can be easily canceled with just a few operations on the device. I found out something.

iOS Single App Mode Escape | WithSecure™ Labs
https://labs.withsecure.com/advisories/single-app-mode-bypass

According to a study by security firm WithSecure, it is possible to escape a device's single-app mode by exploiting what appears to be a race condition in the OS's user interface. The method shared by WithSecure is below, but WithSecure notes that it may not be successful every time. The GIGAZINE editorial department actually tried it, but it didn't work.

1: Make sure your device is set to single app mode.
2: Press the power button to deactivate the screen.
3: Press the power button to activate the screen.
4: Place your finger near the battery icon in the top right corner of the screen and swipe down from there.
5: Make sure the 'Siri Suggestions' panel is open at the top.
6: Continue typing text in the text field of the Siri Suggestions panel. Once the text field starts accepting input, proceed to the next step.
Step 7: Enter text for Siri's suggestions, and if text appears in the box, proceed to the next step. If the device doesn't respond or the Siri suggestion panel disappears, repeat from step 2.
8: Press the power button to deactivate the screen.
9: Wait about 30 seconds.
10: Press the power button to activate the screen. If there is no response, wait a few more seconds.
11: Execute swipe up action. This will take you to the home screen and allow you to exit single app mode.

Once you exit Single App Mode, you can operate your device without restrictions unless you return to the app that set Single App Mode. WithSecure reports that the combinations of devices and OS that were actually unlocked were ``iPadOS 16.4 & 9th generation iPad'', ``iOS 16.5 & iPhone 11'', and ``iOS 16.6 & iPhone 12'', but ``all It must be assumed that iOS devices may be affected.'

WithSecure disclosed this vulnerability to Apple on July 8, 2023. Apple quickly responded, saying, 'These security features are designed to prevent policy violations by legitimate users, and are not intended to protect devices from manipulation by malicious actors. Physical security is an important element in protecting the data on the iPod touch.''

Regarding this, WithSecure said, ``They did not tell me what physical security was.'' In addition, he pointed out that Apple has not said that Single App Mode 'should not be trusted as a security control,' and that the affected devices are accessible to many people. 'We question the reliability of this feature as a tool to protect your device from unauthorized access. If you want to keep your device more confidential, we strongly recommend that you do not use Single App Mode.' Ta.