Apple has released a fix for a vulnerability in facial scanner Face ID in iOS 15. The vulnerability allowed attackers to enter a phone or tablet with a 3D model of someone’s head. It’s unclear how Apple solved that.
Apple has revealed the existence of the fix in the list of resolved vulnerabilities in iOS 15. The manufacturer mentions CVE-2021-30863, but no more information is known about it. The vulnerability was suggested by Wish Wu of Ant-financial Light-Year Security Lab, a security researcher who previously reported a vulnerability in Face ID.
The vulnerability made it possible to trick Face ID with a 3D model of a user’s head, after which it was possible to get into the phone or tablet. Apple says it has overcome this by increasing anti-spoofing measures in Face ID.
Apple released iOS 15 on Monday, along with new versions of iPadOS and watchOS. The Face ID fix affects the 2017 iPhone X, 2018 iPhone XS and XR, 2019 iPhone 11, and 2020 iPhone 12 phones, as well as the 2018 iPad Pro models.