Apple Patches FaceTime Spying Vulnerability

Source
Advertisement


Apple described the flaw, tracked as CVE-2019-6223, as a logic issue in the handling of Group FaceTime calls. The company says the problem has been addressed with “improved state management.”

The bug allowed an attacker to spy on FaceTime users by calling the targeted user and adding the attacker’s own number to a group chat. While the hacker could hear and possibly even see the victim, on the victim’s side it appeared as if the call still hadn’t been answered.

Advertisement