Qiang Yan

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 7 **Description** The issue allows attackers to bypass intended limits on incorrect passcode entry, and consequently avoid a configured Erase Data setting, by leveraging the presence of an app in the third-party sandbox. **Recommendations** For versions prior to 7, update to version 7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 7 **Description** The issue concerns the Telephony subsystem, which does not enforce API conformity for access to telephony-daemon interfaces. This allows attackers to bypass intended restrictions on phone calls by using a crafted app that sends direct requests to the daemon. **Recommendations** For versions prior to 7, update to version 7 or later to resolve the issue.