CVE-2016-7638

Vulnerability

The issue resides in the Find My iPhone component on iOS versions prior to 10.2. A physically proximate attacker can bypass the authentication mechanism required to disable the service, allowing them to turn off Find My iPhone without proper credentials. Affected devices include iPhone 5 and later, iPad 4th generation and later, and iPod touch 6th generation and later running iOS versions before 10.2 [1].

Exploitation

An attacker must have physical access to the unlocked device. By exploiting the authentication bypass, they can navigate to the Find My iPhone settings and disable the feature without entering the correct Apple ID password. No additional privileges or network access are required beyond physical proximity [1].

Impact

Successful exploitation disables Find My iPhone, removing the device's ability to be located via iCloud and preventing remote lock or wipe. This compromises the device's security and the owner's ability to recover it if lost or stolen [1].

Mitigation

Apple addressed this vulnerability in iOS 10.2, released on December 12, 2016. Users should update their devices to iOS 10.2 or later via Settings > General > Software Update. No workaround is available for unpatched versions [1].