CVE-2013-5160
Description
A physical attacker can bypass the iPhone passcode lock by repeatedly tapping the emergency-call button, causing a NULL pointer dereference that exposes the dialer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A physical attacker can bypass the iPhone passcode lock by repeatedly tapping the emergency-call button, causing a NULL pointer dereference that exposes the dialer.
Vulnerability
CVE-2013-5160 is a NULL pointer dereference vulnerability in the Passcode Lock screen of Apple iOS prior to version 7.0.2 on iPhone devices [1]. When the emergency-call button is tapped repeatedly, the lock screen undergoes a NULL dereference that triggers a restart. During this restart window, the call dialer fails to obtain the lock screen state and incorrectly assumes the device is unlocked, allowing non-emergency numbers to be dialed [1]. The issue affects iPhone 4 and later models running iOS versions before 7.0.2 [1].
Exploitation
To exploit this vulnerability, an attacker must have physical access to the target iPhone [1]. The attack requires the user to repeatedly tap the emergency-call button, which is always visible on the lock screen [1]. No authentication or special privileges are needed beyond being able to interact with the device's touch screen. The repeated taps cause a race condition where the lock screen crashes and restarts, during which the dialer briefly misinterprets the device state as unlocked [1]. The precise sequence is: rapid taps on the emergency-call button -> NULL dereference -> lock screen restart -> dialer exposed -> attacker can dial any number before the lock screen reasserts itself [1].
Impact
A successful exploit allows an attacker to bypass the passcode requirement and dial arbitrary telephone numbers, including non-emergency numbers, without unlocking the device [1]. This can lead to unauthorized calls, which may incur charges or be used for malicious purposes, but the attacker cannot access other data or apps on the phone [1]. The impact is limited to telephony dialing and does not grant broader access to the device's file system, messages, or contacts. The privilege level is essentially the same as having a temporarily unlocked phone for dialing only [1].
Mitigation
Apple addressed this vulnerability in iOS 7.0.2, which was released on September 26, 2013 [1]. Users should update their iPhones to iOS 7.0.2 or later via Settings > General > Software Update [1]. No workaround is documented; the fix involves avoiding the NULL dereference in the lock screen code [1]. The vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date [1].
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*range: <=7.0.1
- cpe:2.3:o:apple:iphone_os:7.0:*:*:*:*:*:*:*
- Range: <7.0.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- lists.apple.com/archives/security-announce/2013/Sep/msg00009.htmlnvdVendor Advisory
- support.apple.com/kb/HT5957nvdVendor Advisory
News mentions
0No linked articles in our index yet.