Signal for iOS Vulnerability Allowed Authentication Bypass

By Ava McKinneyOnline Safety

Security Vulnerability in Signal for iOS Allowed Authentication Bypass

A security researcher known as n0sign4l has discovered a serious vulnerability (CVE-2018-9840) in the Signal messenger app for iOS. This issue allowed users to bypass the authentication process required to access the app.

The vulnerability affected all versions of Signal for iOS up to 2.23.1.1. By following a specific sequence of actions, it was possible to bypass both password and TouchID protection.

How the Vulnerability Worked

For versions 2.23.0.14 and earlier, the following steps could be used to bypass authentication:

  • Open Signal.
  • Tap the cancel button.
  • Press the Home button.
  • Open Signal again.

This sequence would grant access to the main window of the app without requiring authentication.

For version 2.23.1.1, a slightly different sequence was needed:

  • Open the Signal messenger.
  • Tap the cancel button.
  • Press the Home button.
  • Double-press the Home button.
  • Close the Signal app.
  • Reopen the Signal app.
  • Tap the cancel button.
  • Press the Home button.
  • Open Signal again.

Patch and Resolution

This vulnerability was fixed in version 2.23.2 of Signal for iOS. Users are strongly encouraged to update to the latest version to ensure their data remains protected.

Leave a Reply