Security researchers have discovered a flaw in both the iOS 10.1 and 10.1.1 update for Apple iPads, which allows hackers to bypass the activation lock screen feature in iOS.
Hemanth Joseph, a security researcher in India who bought an unlocked iPad Air from eBay but found the device locked. He detailed the entire process of how he bypassed the lock feature in his blog.
Apple released the iOS 10.1.1 update that seemed to have remove the flaw Joseph discovered. However, researchers from Vulnerability Lab, tested an iPad following the update and found a buffer overflow exploit along with some iPad-specific bugs can be used to bypass the activation lock in iOS 10.1.1.
If exploited by potential hackers, the user’s iCloud drive on the iOS device can be accessed along with personal data, documents, saved passwords and more. The exploit doesn’t works on iPhones running iOS 10.1.1.
As of now, Apple has not acknowledged the issue. But these flaws maybe fixed in upcoming updates.